AI-based Deepfake WhatsApp Video Call Scam

Introduction

Big Tech has been pushing back against regulatory measures, particularly regarding data handling practices. X Corp (formerly Twitter) has taken a prominent stance in India. The platform has filed a petition against the Central and State governments, challenging content-blocking orders and opposing the Center’s newly launched Sahyog portal.  The X Corp has furthermore labelled the Sahyog Portal as a 'censorship portal' that enables government agencies to issue blocking orders using a standardized template.

The key regulations governing the tech space in India include the IT Act of 2000,  IT Rules 2021 and 2023 (which stress platform accountability and content moderation), and the DPDP Act 2023, which intersects with personal data governance. This petition by the X Corp raises concerns for digital freedom, platform accountability, and the evolving regulatory frameworks in India. 

Elon Musk vs Indian Government: Key Issues at Stake

The 2021 IT Rules, particularly Rule 3(1)(d) of Part II, outline intermediaries' obligations regarding ‘Content Takedowns’. Intermediaries must remove or disable access to unlawful content within 36 hours of receiving a court order or government notification. Notably, the rules do not require government takedown requests to be explicitly in writing, raising concerns about potential misuse. 

X’s petition also focuses on the Sahyog Portal, a government-run platform that allows various agencies and state police to request content removal directly. They contend that the failure to comply with such orders can expose intermediaries' officers to prosecution. This has sparked controversy, with platforms like Elon Musk’s X arguing that such provisions grant the government excessive control, potentially undermining free speech and fostering undue censorship.

The broader implications include geopolitical tensions, potential business risks for big tech companies, and significant effects on India's digital economy, user engagement, and platform governance. Balancing regulatory compliance with digital rights remains a crucial challenge in this evolving landscape.

The Global Context: Lessons from Other Jurisdictions

The ‘EU's Digital Services Act’ establishes a baseline 'notice and takedown' system. According to the Act, hosting providers, including online platforms, must enable third parties to notify them of illegal content, which they must promptly remove to retain their hosting defence. The DSA also mandates expedited removal processes for notifications from trusted flaggers, user suspension for those with frequent violations, and enhanced protections for minors. Additionally, hosting providers have to adhere to specific content removal obligations, including the elimination of terrorist content within one hour and deploying technology to detect known or new CSAM material and remove it.

In contrast to the EU, the US First Amendment protects speech from state interference but does not extend to private entities. Dominant digital platforms, however, significantly influence discourse by moderating content, shaping narratives, and controlling advertising markets. This dual role creates tension as these platforms balance free speech, platform safety, and profitability.

India has adopted a model closer to the EU's approach, emphasizing content moderation to curb misinformation, false narratives, and harmful content. Drawing from the EU's framework, India could establish third-party notification mechanisms, enforce clear content takedown guidelines, and implement detection measures for harmful content like terrorist material and CSAM within defined timelines. This would balance content regulation with platform accountability while aligning with global best practices.

Key Concerns and Policy Debates

As the issue stands, the main concerns that arise are:

1. The need for transparency in government orders for takedowns, the reasons and a clear framework for why they are needed and the guidelines for doing so. 
2. The need for balancing digital freedom with national security and the concerns that arise out of it for tech companies. Essentially, the role platforms play in safeguarding the democratic values enshrined in the Constitution of India. 
3. This court ruling by the Karnataka HC will have the potential to redefine the principles upon which the intermediary guidelines function under the Indian laws. 

Potential Outcomes and the Way Forward

While we wait for the Hon’ble Court’s directives and orders in response to the filed suit, while the court's decision could favour either side or lead to a negotiated resolution, the broader takeaway is the necessity of collaborative policymaking that balances governmental oversight with platform accountability. This debate underscores the pressing need for a structured and transparent regulatory framework for content moderation. Additionally, this case also highlights the importance of due process in content regulation and the need for legal clarity for tech companies operating in India. Ultimately, a consultative and principles-based approach will be key to ensuring a fair and open digital ecosystem.

References

• https://www.thehindu.com/sci-tech/technology/elon-musks-x-sues-union-government-over-alleged-censorship-and-it-act-violations/article69352961.ece
• https://www.hindustantimes.com/india-news/elon-musk-s-x-sues-union-government-over-alleged-censorship-and-it-act-violations-101742463516588.html
• https://www.financialexpress.com/life/technology-explainer-why-has-x-accused-govt-of-censorship-3788648/
• https://thelawreporters.com/elon-musk-s-x-sues-indian-government-over-alleged-censorship-and-it-act-violations ‍
• https://www.linklaters.com/en/insights/blogs/digilinks/2023/february/the-eu-digital-services-act---a-new-era-for-online-harms-and-intermediary-liability

Introduction

In the digital entertainment world, OTT platforms have become highly popular and have attracted larger audiences. They offer a wide variety of entertaining content. However, there are certain concerns about depicting illicit or objectionable content on such platforms. The Indian Ministry of Information and Broadcasting (I&B) has been working on tackling issues like the availability of obscene content on online streaming platforms and other platforms. I&B Ministry has taken important steps to prevent the spread of such illicit or objectionable content.

The I&B Ministry has taken action against obscene and vulgar content on OTT platforms. A total 18 OTT platforms and several associated websites, apps, and social media handles have been blocked nationwide. The government has been in consistent talks with these platforms and issued several advisories, but they have not been adhered to. The decision was made after consultation with other ministries, domain experts, and industry bodies. The content allegedly obscene was found to depict nudity, sexual intercourse, and inappropriate sexual acts within societal contexts. The government states that it is the responsibility of platforms to ensure that content is not present in a vulgar fashion. Creativities do not necessarily mean promoting or propagating vulgar and sexual content.

Key Highlights of I&B Ministry Action against Obscene Content

On 14th March 2024, The Indian Ministry of Information and Broadcasting (I&B) announced the blocking of 18 OTT platforms, 19 Websites, 10 apps, and 57 social media handles for displaying obscene and vulgar content. Union Minister for Information & Broadcasting Shri Anurag Singh Thakur has announced the removal of 18 OTT platforms that published obscene and vulgar content, underscoring the responsibility of platforms to prevent the spread of such content. The decision was made under the Information Technology Act 2000 and in consultation with other Indian ministries and domain experts in media, entertainment, women's rights, and child rights.

List of Blocked OTT Platforms

OTT platforms that have been blocked are Dreams Films, Voovi, Yessma, Uncut Adda, Tri Flicks, X Prime, Neon X VIP, Besharams, Hunters, Rabbit, Xtramood, Nuefliks, MoodX, Mojflix, Hot Shots VIP, Fugi, Chikooflix, Prime Play.

It was highlighted that these OTT platforms, despite not being widely popular, have a significant viewership. One app has over 1 crore downloads, while two others have more than 50 lakh downloads on Google Play Store. These platforms also market their content through social media, with a combined followership of over 32 lakh.

Nature of content

The ministry reported that a significant portion of the content on social media platforms was obscene, vulgar, and demeaning, depicting nudity and sexual acts in inappropriate contexts like teacher-student relationships and incestuous family relationships. The content included sexual innuendos and prolonged pornographic scenes without any thematic or societal relevance. It was further stated that the content was found to be prima facie in violation of Section 67 and 67A of the Information & Technology Act, 2000, Section 292 of the Indian Penal Code and  Section 4 of the Indecent Representation of Women (Prohibition) Act, 1986.

Way Forward

The press release by the ministry stated that “The Government of India remains committed to fostering the growth and development of the OTT industry. Several measures have been undertaken in this regard, including the introduction of the Inaugural OTT Award for Web Series at the 54th International Film Festival of India, collaboration with OTT platforms in the media and entertainment sector, and the establishment of a light touch regulatory framework with an emphasis on self-regulation under the IT Rules, 2021.”

This shows that the Indian government is dedicated to promoting the growth of the OTT industry but within certain checks or oversight mechanisms to prevent illicit or objectionable content on such platforms.

OTT Content and Regulatory Checks

Online content streaming on OTT platforms lacks regulatory checks, unlike films, which are reviewed and certified by a government-appointed board. The government has instructed streaming services to independently review content for obscenity and violence before it is made available online. There have been repeated instances where criticism has been raised about the illicit or violative depicted content in some OTT shows. This highlights the issue of checks and balances. The government has urged self-regulation on platforms, but the repeated instances of illicit content raise societal concerns. The Ministry of I&B is keen towards promoting ethical & moral standards of content that is being hosted on online OTT platforms.

Conclusion

The Ministry of I&B has taken a step and announced the shutdown of 18 OTT platforms that were engaged in depicting illicit content. This shows that the I&B Ministry is committed to promoting ethical online content. While legislative measures are required to prevent the spread of such illicit or violative content, joint efforts by the government, industry players, and civil society are critical to ensuring a secure and responsible digital environment for all users.

References

• https://pib.gov.in/PressReleaseIframePage.aspx?PRID=2014477
• https://www.thehindu.com/news/national/centre-bans-ott-platforms-websites-and-apps-over-obscene-and-vulgar-content/article67949819.ece
• https://economictimes.indiatimes.com/news/india/ib-ministry-blocks-18-ott-platforms-for-vulgar-content/articleshow/108485880.cms?from=mdr
• https://indianexpress.com/article/entertainment/information-and-broadcasting-ministry-blocks-18-ott-platforms-for-obscene-and-vulgar-content-9213749/
• https://www.storyboard18.com/ott-news/mib-blocks-18-ott-platforms-for-showing-obscene-and-vulgar-content-26400.htm

‍

Introduction

The information of hundreds of thousands of Indians who received the COVID vaccine was Leaked in a significant data breach and posted on a Telegram channel. Numerous reports claim that sensitive information, including a person’s phone number, gender, ID card details, and date of birth, leaked over Telegram. It could be obtained by typing a person’s name into a Telegram bot.

What really happened?

The records pertaining to the mobile number registered in the CoWin portal are accessible on the Malayalam news website channel. It is also feasible to determine which vaccination was given and where it was given.

According to The Report, the list of individuals whose data was exposed includes BJP Tamil Nadu president K Annamalai, Congress MP Karti Chidambaram, and former BJP union minister for health Harsh Vardhan. Telangana’s minister of information and communication technology, Kalvakuntla Taraka Rama Rao, is also on the list.

MEITY stated in response to the data leak, “It is old data, we are still confirming it. We have requested a report on the matter.

After the media Report, the bot was disabled, but experts said the incident raised severe issues because the information might be used for identity theft, phishing emails, con games, and extortion calls. The Indian Computer Emergency Response Team (CERT-In), the government’s nodal body, has opened an investigation into the situation

The central government declared the data breach reports regarding the repository of beneficiaries against Covid to be “mischievous in nature” on Monday and claimed the ‘bot’ that purportedly accessed the confidential data was not directly accessing the CoWIN database.

According to the first complaint by CERT-In, the government’s cybersecurity division, the government claimed the bot might be displaying information from “previously stolen data.” Reports.

The health ministry refuted the claim, asserting that no bots could access the information without first verifying with a one-time password.

“It is made clear that all of these rumours are false and malicious. The health ministry’s CoWIN interface is entirely secure and has sufficient data privacy protections. The security of the data on the CoWIN portal is being ensured in every way possible, according to a statement from the health ministry.

Meity said the CoWin program or database was not directly compromised, and the shared information appeared to be taken from a previous intrusion. But the hack again highlights the growing danger of cyber assaults, particularly on official websites.‍

Recent cases of data leak

Dominos India 2021– Dominos India, a division of Jubilant FoodWorks, faced a cyberattack on May 22, 2021, which led to the disclosure of information from 180 million orders. The breach exposed order information, email addresses, phone numbers, and credit card information. Although Jubilant FoodWorks acknowledged a security breach, it refuted any illegal access to financial data.

Air India – A cyberattack that affected Air India in May 2021 exposed the personal information of about 4.5 million customers globally. Personal information recorded between August 26, 2011, and February 3, 2021, including names, dates of birth, contact information, passport information, ticket details, frequent flyer information from Star Alliance and Air India, and credit card information, were exposed in the breach.

Bigbasket – BigBasket, an online supermarket, had a data breach in November 2020, compromising the personal information of approximately 20 million consumers. Email IDs, password hashes, PINs, phone numbers, addresses, dates of birth, localities, and IP addresses were among the information released from an insecure database containing over 15 GB of customer data. BigBasket admitted to the incident and reported it to the Bengaluru Cyber Crime Department.

Unacademy – Unacademy, an online learning platform, experienced a data breach in May 2020, compromising the email addresses of approximately 11 million subscribers. While no sensitive information, such as financial data or passwords, was compromised, user data, including IDs, passwords, date joined, last login date, email IDs, names, and user credentials, was. The breach was detected when user accounts were uncovered for sale on the dark web.

2022 Card Data- Cybersecurity researchers from AI-driven Singapore-based CloudSEK found a threat actor offering a database of 1.2 million cards for free on a Dark Web forum for crimes on October 12, 2022. This came after a second problem involving 7.9 million cardholder records that were reported on the BidenCash website. This comprised information pertaining to State Bank of India (SBI) clients. And other well-known companies were among those targeted in high-profile data breach cases that have surfaced in recent years.

Conclusion

Data breach cases are increasing daily, and attackers are mainly attacking the healthcare sectors and health details as they can easily find personal details. This recent CoWIN case has compromised thousands of people’s data. The All-India Institute of Medical Sciences’ systems were compromised by hackers a few months ago. Over 95% of adults have had their vaccinations, according to the most recent data, even if the precise number of persons impacted by the CoWin privacy breach could not be determined.