In the present scenario, the astronomical growth of the Internet and the easy access to everyone has led to an upsurge in online shopping and users on social media platforms, owing to which, there has been an escalation in unlawful activities. The main question which rises here is whether the intermediaries, i.e. the social media websites, ecommerce websites, blogging platforms, search engines, discussion boards etc. can be held liable for any unlawful or scrupulous content, product or service posted on their respective website, platform or board by a third party and to what extent?
The term “intermediary” has been defined under the Information Technology Act, 2002 (“IT Act”) with respect to any particular electronic message and means any person who on behalf of another person receives, stores or transmits that message or provides any service with respect to that message. This list is non-exhaustive and includes Internet Service providers (“ISPs”) as well as any website that provides user-generated content.
Thus, intermediary liability, which is based on the legal principle of vicarious liability, means that the service providers shall be held accountable for any illegal act of the user on their platform. As Rebecca MacKinnon has said, "Intermediary liability means that the intermediary, a service that acts as ‘intermediate’ conduit for the transmission or publication of information, is held liable or legally responsible for everything its users do."
However, it is not an easy task for these intermediaries to regulate the data flowing through them owing to their mammoth size. These platforms have often failed to protect their users in several religious, socio-political as well as economic cases which have led to misuse of data and free speech. The spreading of false news on Facebook and WhatsApp has incited riots, murders, mob-lynching as well as mass scale migration and the involvement of Facebook and Twitter in the US presidential elections in 2016 led to a widespread distrust of these platforms. There is harmful content ranging from hate propaganda to fake news to child pornography. Thus, there is a need for imposing greater liability on the intermediaries.
To answer the disconcerting question regarding intermediary liability, various jurisdictions have laid down innumerable legislations and guidelines and are constantly re-examining and reframing the same. It is observed that the Governments as well as Courts globally are becoming more “consumer friendly”, owing to the rise in the complaints of the rights holders and are adopting stricter approach and demanding more accountability from intermediaries.
Development of "intermediary liability" in India
In India, the regulation of intermediaries are incorporated in various laws and sub-legislations. Further, there has been a spate of cases in India and the Indian courts have been proactive in adjudicating on these issues.
- IT Act (2000)
Under the IT Act, initially only network service providers were protected “for any third party information or data made available by him if he proves that the offence or contravention was committed without his knowledge or that he had exercised all due diligence to prevent the commission of such offence or contravention.” Thus, the original IT Act provided little or no safe harbour protection to intermediaries.
- Avnish Bajaj v. State and the Amendment to the IT Act (2008)
In this case, the Managing Director (and not the company Baazee.com) was charged with criminal provisions under the Indian Penal Act as well as the IT Act, for content circulated by a third party on its ecommerce platform. However, the Managing Director escaped liability since the company was not added as an accused either before the High Court or before the Supreme Court. Further, the Delhi High Court also observed that companies bear the risk of acquiring knowledge if the content uploaded escapes the filters which are meant for blocking pornographic content.
In this case, it was also observed that there was a requirement for widening the scope of protection given to intermediaries, and thus, the IT Act was amended in 2008 to include a safe harbour regime under Section 79 of the IT Act and to amend the definition of intermediaries (as it reads presently). The amended Section 79 of the IT Act provides safe harbour for online intermediaries from “all unlawful acts” rather than only offence or contravention and incorporates the requirement for due diligence for claiming safe harbour. It is an exemption provision which provides conditional immunity to the intermediaries as long as they prescribe to the provisions/conditions of the section.
- The Information Technology (Intermediaries Guidelines) Rules, 2011 (“Intermediary Guidelines”) (2011)
After the amendment to the IT Act in 2008, the Government of India introduced the Intermediary Guidelines, which were mandatory for all intermediaries to follow for claiming safe harbour protection. These are to be read in consonance with the IT Act and the due diligence requirements that must be observed by intermediaries, provided under Rule 3, are:
- Rules and regulations, terms and conditions or user agreement shall specify all prohibited acts, i.e. belonging to other persons, grossly harmful, harassing or unlawful, harms minors, infringes any intellectual property rights, violates any law, is deceiving or misleading, impersonates any person, contains virus, threatens India etc. and the intermediary should inform users that violation of same shall lead to termination of access,
- Intermediaries to not knowingly host or publish information as specified in sub-rule (2),
- Intermediaries to disable such information within 36 hours and storage of same for 90 days for investigation purposes,
- Intermediaries to provide assistance to authorised government agencies,
- Intermediaries to take all reasonable measures to secure its computer resource,
- Intermediaries to report cyber security incidents to the Indian Computer Emergency Response Team and
- Intermediaries to appointment and publish the details of a Grievance Officer on its website.
However, the IT Act and the Intermediary Guidelines were inundated by various issues such as ambiguity in prohibited content and forced decision by intermediaries. Further, any person could request the intermediaries to take down the unlawful content. However, these issues were mostly resolved in the Shreya Singhal judgement.
- Shreya Singhal v Union of India (2015)
In 2015, in the landmark Shreya Singhal judgement, the Supreme Court for the first time recognized the Indian citizen’s free speech rights over the Internet by striking down the draconian Section 66A of the IT Act, which provided for punishment for sending offensive messages through communication services.
Further, regarding intermediary liability, the Court held that “Section 79 is valid subject to Section 79(3)(b) being read down to mean that an intermediary upon receiving actual knowledge from a court order or on being notified by the appropriate government or its agency that unlawful acts relatable to Article 19(2) are going to be committed then fails to expeditiously remove or disable access to such material…. Similarly, the Information Technology "Intermediary Guidelines" Rules, 2011 are valid subject to Rule 3 sub-rule (4) being read down in the same manner as indicated in the judgment.”
The Court also observed that “it would be very difficult for intermediaries like Google, Facebook etc. to act when millions of requests are made and the intermediary is then to judge as to which of such requests are legitimate and which are not.”
Subsequently, in the case of Kamlesh Vaswani v Union of India, the Supreme Court issued directions to intermediaries to disable specific content where website operating child pornography was sought to be restricted.
- My Space Inc. vs Super Cassettes Industries Ltd. (2017)
In this case, the division bench of the Delhi High Court distinguished Copyright matters and held that if intermediaries were given the responsibility of identifying illegal content, it could have a chilling effect on free speech and will lead to private censorship. This judgment dealt with uploading of music on myspace.com and a copyright infringement suit was brought by Super Cassettes India Ltd.
The Court also gave the concept of ‘actual or specific knowledge’ and held that intermediaries can be held liable if they have actual or specific knowledge of the existence of infringing content on their website from content owners and despite such notice, they do not takedown the content. There is no necessity of a court order in such cases. The Division Bunch further pronounced that “in case of internet intermediaries, interim relief has to be specific and must point to actual content, which is being infringed”.
- Kent Ro Systems Ltd & Anr vs Amit Kotak & Ors (2017)
In this case, the Petitioner, in a suit for permanent injunction against the Respondent for infringing its intellectual property rights by copying its designs, also added eBay India as a party for permitting the Respondent to advertise, offer to sell and sell its product on its website.
The Court held that “to hold that an intermediary, before posting any information on its computer resources is required to satisfy itself that the same does not infringe the intellectual property rights of any person, would amount to converting the intermediary into a body to determine whether there is any infringement of intellectual property rights or not… The IT Rules, according to me do not oblige the intermediary to, of its own, screen all information being hosted on its portal for infringement of the rights of all those persons who have at any point of time complained to the intermediary… Merely because intermediary has been obliged under the IT Rules to remove the infringing content on receipt of complaint cannot be read as vesting in the intermediary suo motu powers to detect and refuse hosting of infringing contents… I am of the view that to require an intermediary to do such screening would be an unreasonable interference with the rights of the intermediary to carry on its business.” Thus, the Court reiterated the specific knowledge principle of the Myspace case.
Subsequently, in Lifestyle Equities C.V. and Ors v Amazon Sellers Service Private Limited & Anr., the Court directed Amazon to share the details about the person who had uploaded the links as well as to remove the links advertising the infringing and counterfeit goods.
Further, on July 26, 2018 in Rajya Sabha, India’s IT minister, Ravi Shankar Prasad spoke on the issue of “Rising Incidents of Violence and lynching in the country due to misuse of social media platforms” and said that if social media platforms “…do not take adequate and prompt action, then the law of abetment also applies to them.” Further, he also said that some provisions of the IT Act need to be “revised and reinforced so that they can respond to the emerging challenges. This is proposed to be done by strengthening the implementation aspects of Section 79 of IT Act, 2000.”
- Christian Louboutin SAS v. Nakul Bajaj and Ors (2018)
In this case, the Delhi High Court clarified the responsibilities and liabilities of ecommerce intermediaries that were previously undetermined. The Plaintiff filed a trademark infringement suit alleging that the Defendant sells counterfeit products bearing the Plaintiff’s name on its website, uses the image of the founder of the Plaintiff, and the names “Christian” and “Louboutin” are used as meta-tags on the Defendant’s website to attract internet traffic. However, the Court did not hold the Defendant liable for trademark infringement.
The Court held that the Defendant was not an intermediary and was an “active participant” and thus, would be liable for infringement. It was observed that the Defendant’s role was more than an intermediary as it was identifying the sellers, enabling the sellers actively, promoting them and selling the products in India. It was also observed that so long as they are mere conduits or passive transmitters of the records or of the information, they continue to be intermediaries, but merely calling themselves as intermediaries does not qualify all ecommerce platforms or online market places as one.
The Court also held that the conduct of intermediaries, in failing to observe ‘due diligence’, could amount to ‘conspiring, aiding, abetting or inducing’ unlawful conduct and would disqualify them from the safe harbour exemption, as per Section 79(3)(a).
- Draft Information Technology [Intermediaries Guidelines (Amendment) Rules], 2018, (“Draft Rules”) (2018)
On December 24, 2018, Ministry of Electronics & Information Technology released the Draft Rules for amending the existing Intermediaries Guidelines to curb the “Misuse of Social Media and spreading Fake News”. These Draft Rules place several obligations on the intermediaries, some of which are enabling traceability to determine the originator of the information for assistance to law enforcement, proactive monitoring of content uploaded on its platform by deploying automated tools, takedown of illegal content within 24 hours, and mandatory incorporation of companies having more than 5 million users in India.
- M/S Luxottica Group S.P.A & Another vs M/S Mify Solutions Pvt Ltd & Ors (2019)
The Plaintiff filed a trademark infringement suit alleging that the Defendant sells counterfeit products of the Plaintiff’s brand OAKLEY. The Court held that the due diligence and care required under the IT Act had not been met and the Defendant was guilty of trademark and copyright infringement. The Court herein applied the tests laid down in the Christian Louboutin case to determine whether the ecommerce platforms claiming to be exempted under Section 79 of the IT Act actually qualify as intermediaries or not. The Court observed that presence of any element which shows active participation could deprive intermediaries of the immunities and factors such as allowing storing of counterfeit goods, using the mark in an invoice, advertising the mark etc., would determine whether the entity in question is an intermediary or not.
- Amway India Enterprises Pvt Ltd v 1Mg Technologies Pvt Ltd & Anr. (2019)
One of the main issues in this case was the conflict between Direct Selling Business and ecommerce platforms and whether the intermediary had stepped into the shoes of the seller by setting its own retail prices, discounts, return/refunds policies etc. Thus, the issue was whether the intermediary had violated the Direct Selling Guidelines issued by the Government, which were binding on the Plaintiff. In this regard, the Single Judge held that the Direct Selling Guidelines were binding on ecommerce platforms and the sellers on such platforms. However, the Division Bench held that such guidelines are advisory in nature and are not law and thus, not enforceable.
Further, the Court also gave a detailed reasoning as to why major ecommerce giants are actively involved and thus, do not qualify as intermediaries entitled to protection under the safe harbour provided in Section 79 of the IT Act. It was held that any non-compliance of the due diligence requirements as per the Intermediary Guidelines and failure to adhere to their own policies would make the ecommerce platforms liable. The Division Bench also observed that the value-added services provided by the Defendant as online market places, do not dilute the safe harbour granted to them under Section 79 of the IT Act.
From the statutory provisions and the judicial pronouncements mentioned above, it is observed that the rights, immunities and liabilities of intermediaries in India are ever-changing and constantly evolving. However, it is apparent that the trend in India is towards more stringent intermediary liability. At present, Section 79 of the IT Act, the Intermediary Guidelines as well as the Shreya Singhal Judgement, is the authoritative law of the land on intermediary liability. Thus, intermediaries cannot be held liable unless they had proper information, and unless proper order is given by the requisite authority. Further, the information provided to the intermediaries needs to be specific and not broad and right owners should not request intermediaries to be vigilant about any future violations. However, the intermediaries are expected to demonstrate “due diligence”.