Page 20 - Approved Social Media Framework and Guidelines
P. 20

departments which are providing social media facilities must comply with ISO
                             27001.

                         iv.  Further  under  the  Information  Technology  (Intermediary  guidelines)  Rules,
                             2011,  since  the  said  Government  department  who  is  provide  social  media
                             facilities is an intermediary, it has to comply with the Information Technology
                             (Intermediary guidelines) Rules, 2011.  Under Rule 3(4) of the said rules, the
                             Government  department  shall  act  within  thirty  six  hours  on  receiving  the
                             written complaint form an affected person and where applicable, work with
                             user  or  owner  of  such  information  to  disable  such  information  that  is  in
                             contravention of sub-rule (2).

                         v.   Further  the  Government  department  shall  preserve  such  information  and
                             associated records for at least ninety days for investigation purposes.

                         vi.  In case, if the Government department does not comply with any of the above
                             requirements  of  law,  then  the  said  Government  department  as  also  the
                             concerned  head  of  the  department  who  is  responsible  for  the  social  media
                             facilities  and  the  concerned  IT  head  would  be  liable  for  civil  and  criminal
                             consequences.

                         vii. The  civil  consequences  could  consist  of  being  sued  for  damages  by  way  of
                             compensation  upto  5  crore  Rupees  under  summary  proceedings  before  the
                             adjudicatory  authorities  specially  constituted  under  the  Information
                             Technology  Act,  2000.    Further  if  person  wants,  they  can  sue  the  said
                             Government  department  for  damages  beyond  5  crore  Rupees  in  a  court  of
                             competent jurisdiction.

                         viii. In case the concerned Government department does not comply with all the
                             aforesaid laws, the said Government department as also the person heading
                             the department and the concerned IT head would also be liable for criminal
                             liability which could range from imprisonment of 3 years to life imprisonment
                             and fine which could range from 1 lakh to 10 lakh Rupees.

               Rules  for  Privacy  and  data  collection:  While  social  networking  enables  greater
               transparency, it is equally important to ensure the protection of people from exposure to

               inappropriate or offensive material.

               ·       Since  profiles  on  social  network  are  linked  more  often  to  individuals  and  not
               organisations,  for  the  organisation’s  site/page,  a  separate  work  profile  may  be  created
               which can then be linked to a general email address that is accessible to anyone in the team,
               enabling  them  to  administer  the  social  networks  without  compromising  on  individual
               privacy.

               ·       It is critical that social media policy for the Government is compliant with existing
               law governing data protection and privacy. Each department of the Government may be
                                                      Page 20 of 38
   15   16   17   18   19   20   21   22   23   24   25