Intermediaries under the Information Technology Act, 2000

Intermediaries

  An Intermediary is an Internet Service Provider which provides its platform for selling any goods or services or providing any service relating to an electronic record or communication.

  It would include any web hosting company, online auction site, online market place, or online payment sites and cybercafes.

  It includes network and telecom service providers too.

  Thus, it would include carriers of information (such as gmail service) and also a payment gateway (such as Pay pal, or Pay tm service)

Definition of Intermediary under the Information Technology Act, 2000

  Under Information Technology Act, 2000, Section 2(1) (w) defines an ‘Intermediary’ as ‘any person who on behalf of another person receives, stores, transmits that record or provides any service with respect to electronic record and includes telecom service providers, internet service providers, web hosting service providers, search engines, online payment sites, online auction sites, online market place and cyber café.’

  Thus, it includes any website that facilitates and brings together two interest groups such as retailers and consumers in an online shopping mall or carrier of mail service such as gmail or yahoo mail service.

  Before the IT (amendment) Act,2008, an intermediary was erstwhile defined with respect to an electronic message as “any person who on behalf of another person receives, stores or transmits that message or provides any service”.

  This was a narrow definition as compared to the present definition that has broadened both the scope and ambit of the term ‘intermediary’.

Liability of Intermediaries (Safe Harbour)

  In India, Section 79 of the Information Technology Act, 2000 specifically deals with the issue of liability of Intermediaries.

  It states that an Intermediary is not liable for any third party information, data or communication link made available or hosted by him except as specified in Sections 79(2) and (3) of the IT Act,2000.

  The ‘third party information’ is described in explanation 2 to Section 79 of the IT Act,2000 as any information dealt with by an Intermediary in his position as an Intermediary.

  For example, a social media portal is an intermediary where users may post third party information by posting the user generated content such as pictures, comments or other posts.

  According to Section 79(2) of the IT Act,2000, an Intermediary is not liable if its only role is to provide access to a communication system over, which information is posted by third party and ‘transmitted or temporarily stored or hosted’.

  Further, the section provides that an Intermediary is not liable if it neither initiates the transmissions nor selects recipients and select or change the information contained in the message which is transmitted. (Section 79(2)(b) of I.T. Act,2000).

  An Intermediary is liable not for third party information if it complies with due diligence requirements laid down by the Central Government.

  Section 79(3) of the IT Act,2000 prescribes the conditions when an Intermediary is liable for third party information.

  An Intermediary is liable for third-party information, if it conspires or abets or aids or induces through threats or promises or otherwise to commit an unlawful act.

When is Intermediary Liable

  The Intermediary is liable if on receiving actual knowledge or receiving a notice from the Government or its Agency that any information residing in or connected to a computer resource which is managed by an Intermediary used to commit an illegal act and the Intermediary thereafter does not efficaciously remove that material without tampering or destroying the evidence in any manner.

  The liability of Intermediaries before the I.T. (Amendment) Act, 2008

  Before the I.T. (Amendment) Act,2008 was passed, Section 79 dealing with liability of intermediaries was ambiguously worded.

  The erstwhile Section 79 stated that an Internet Service Provider was not liable under the Act for any third party information or data made available by him if he could prove that the offence or contravention was committed without his knowledge or he has exercised due diligence to prevent the commission of such offence or such contravention.

  There the onus to prove lack of knowledge or exercise of due diligence was on the Intermediaries without any exemption given to any class of Intermediaries.

  Section 79(3) of I.T. Act,2000 post the amendment in 2008, shifts onus of proof on the person affected.

  The affected person needs to prove that the Intermediary has conspired or abetted the commission of unlawful act (which is quite onerous to prove).

  Also, Section 79(3)(b) of the IT Act,2000 makes an Intermediary liable for failure to take necessary action if after actual knowledge or notice by a Government Agency, it does not disable access or removing illegal content without destroying the evidence.

  This means actual notice will be required to establish liability of any Intermediary.

  The earlier Section 79 of the IT Act,2000 was only applicable to network service provider which were regarded as an Intermediary

  An Intermediary was erstwhile defined as “with respect to an electronic message means any person who on behalf of another person receives, stores or transmits that message or provides any service”.

  This was a narrow definition as compared to the present definition which expressly includes categories such as telecom service providers, network service providers, cyber cafes within the ambit of the definition.

Safe Harbour

  Section 79 of the Act is a ‘safe harbour’ provision which grants conditional immunity to intermediaries from liability for third party acts.

  Section 79(1) of the Act grants intermediaries a conditional immunity with regard to any third party information, data or communication link made available or hosted by them.

  This immunity is subject to section 79 (2) and 79 (3) of the Act. 

  Section 79(2) essentially covers cases where the activity undertaken by the intermediary is of a technical, automatic and passive nature.

  Thus, for section 79(2) to be applicable, intermediaries are to have neither knowledge nor control over the information which is transmitted or stored.  

  Furthermore, Section 79(3)(b) envisages a ‘notice and take down’ regime, wherein the intermediary is required to take down unlawful content upon receiving actual knowledge of its existence.

  In Shreya Singhal vs. UOI, the Supreme Court read down Section 79(3)(b) to mean that an “intermediary upon receiving actual knowledge from a court order or on being notified by the appropriate government or its agency that unlawful acts relatebale to Article 19 (2) are going to be committed then fails to expeditiously remove or disable access to such  material”. 

  Thus, an intermediary is only required to act upon receiving a court order or a notification from the appropriate government or its agency.

  The intermediary is not required to exercise its own discretion regarding the material which is to be removed or disabled. 

  This safe Harbor protection is available to an Intermediary irrespective of any inconsistency with any other law applicable in India as Section 79 of the IT Act,2000 begins with the terms “notwithstanding anything contained in any law for the time being in force”.

  It is similar to the position in United States and the safe Harbor provisions applicable to Intermediaries.

Case Law on liability of Intermediaries:

  Before Section 79 of the I.T. Act,2000 was amended in 2008, the Intermediaries were under an obligation to prove lack of knowledge and that they have adopted due diligence in order to escape liability.

  It was not clarified whether the requirement of knowledge is constructive or actual acknowledge.

  In Sanjay Kumar Kedia v. Narcotics Control Bureau the petitioner’s plea to escape liability under the old section 79 was rejected by the court as the petitioner’s company had actual knowledge of the malafide actions of sale of ‘psychotropic substance’ through their website which violated the Narcotic Drugs Psychotropic Substance Act, 1985.

  On this ground they were not considered to fall within the immunity provision provided under Section 79 of the I.T. Act,2000

  Obscene video on Intermediary website

  Avnish Bajaj v State (2005) 3 CompLJ 364 Del the CEO of Bazee.com failed to prove lack of knowledge and adoption of due diligence when a third party uploaded MMS of two students of a school on its auction site.

  The FIR against the Director was not quashed as Section 85 of the I.T. Act,2000 made a Director vicariously liable for acts committed by the company as the Director was in charge of the conduct of the business of the company when such contravention was made.

  The court held that under Section 272 of Indian Penal Code there is no automatic liability of a Director for publishing obscene material by a third party in the absence of mensrea.

  FIR was quashed against the Director but vicarious liability existed due to the deeming provision of Section 85 of the I.T. Act,2000 r/w Section 67 of the I.T. Act,2000 which provides publication of obscene contents is an offence.

  According to Section 85 of the I.T. Act,2000 where an offence is made by a company every person who at that time was responsible for the conduct of the business of the company shall be liable to be prosecuted and punished unless the Director proves the lack of knowledge and compliance with due diligence.

  The provision of Section 85 of the IT Act,2000 fails to provide whether the knowledge should be constructive or actual knowledge.

  However, it is clear if a contravention is made with consent or connivance of a Director such person may be liable.

  Hence, the FIR was not quashed as despite actual notice the illegal material (MMS clip) was not removed for two days and the filtering mechanism failed to block publication of such content.

  Later this decision was overruled in Anita Handa v. God Father Travels and Tours (P) Ltd. wherein the Hon’ble Supreme Court considered the case of Avnish Bajaj v. State popularly known as the Bazee.com case along with the other Criminal Appeals to decide the question of liability.

  The Court considered the material question whether a Director shall be liable in case a company is not arraigned as an accused in the complaint.

  The court held that in Section 85 of the I.T Act which provides for deemed liability of the Directors where an offence is committed by a company, a Director shall not be liable when complainant has not made the company as an accused.

  On this reasoning, the court quashed the proceedings against the Director as the company was not arraigned as an accused in the complaint.

  After the amendment of Section 79 of the I.T. Act,2000, the liability of an Intermediary has been clarified to some extent.

  The current law states that an Intermediary is not liable unless there is an actual knowledge with Intermediaries or the Intermediaries modify/select third party content and publishes it (provided it observes due diligence requirements and other conditions mentioned in Section 79 of the IT Act,2000) or is proved to have conspired/abetted in the commission of unlawful act by threats or promise.

  Defamatory material on Intermediary website

  In the case of Nirmaljeet Singh Narula v. Yashwant Sinha, the Plaintiff filed a suit for permanent injunction and damages against Bhadas4media. com a news portal.

  The Plaintiff filed an application for interim relief of temporary injunction against the Defendants on the ground that Defendants published false and malafide allegations against the Plaintiff which were defamatory in nature.

  It was alleged that the freedom of press was being misused by the Defendants as its sole agenda was to defame the Plaintiff.

  The court granted a conditional injunction restraining the Defendants from licensing, writing, publishing, hosting, advertising defamatory material against the Plaintiff through their website or other media.

  In defamation cases, a party may ask for compensation and/or prosecute accused under Section 500 of Indian Penal code, 1860, which prescribes punishment of imprisonment of upto 2 years and fine or both

  In another case, Vyakti Vikas Kendra v. Jitender Bagga the Delhi High Court granted interim injunction against the Defendant restraining them from publishing defamatory materials about the founder of Art Living Foundation on www.blogger.com.

  The court held that Defendant No.2 was an Intermediary within the definition of Section 2(1)(w) and Section 79 of the I.T. Act, 2000.

  On receiving actual notice the Defendant ought to remove such defamatory content within 36 hours.

  By virtue of this order, the Defendant No.1 was injuncted from sending any email or posting any materials defamatory to Plaintiff.

Infringing material in intermediary account

  In Olive e-business pvt ltd vs Kirti Dhanawat, (CS(OS) 2393/2011) the Hon’ble High court of Delhi directed Google India to freeze the email accounts of defendants who had allegedly stolen data of its ex employer and the account contained infringing material.

  Thus, an intermediary could be directed by courts to suspend/freeze email accounts if plaintiff seeks an injunction restraining defendants from using the email account.

  However, Intermediary would not be liable as it is only a carrier or provider of service and has no knowledge of contents being transmitted through its service nor selects a sender or receiver of emails.

Due diligence requirement of Intermediaries

  According to the Information Technology (Intermediaries Guidelines) Rules, 2011, Rule 3(2) requires Intermediaries to inform the users about

  the prohibition to host, display, upload, modify, publish, update or share any information which is defamatory or obscene, invades by the privacy

  hates speech, integrates money laundering or other illegal or harmful content to minors, infringes intellectual property, violates law , communicates grossly offensive or menacing message or spoofing, phishing, impersonation, virus or other worms to damage a computer resource or threaten unity, integrity, defense, security or sovereignty of India,

  friendly relations with foreign states or public order or incitement to commission of any cognizable offence or prevents any investigation of any offense.

  The guidelines also make it mandatory for every Intermediary to publish on its websites the privacy policy and terms of use on its website

  Rule 3 of the said Rules requires that an Intermediary shall not knowingly host or publish such materials or not initiate transmission or select the receiver or select or modify the transmitted information.

  After the Shreya Singhal v. Union of India case (AIR 2015 SC 1523) , the Section 66A of the I.T. Act was struck down as unconstitutional on the ground of ambiguity wherein similar words were used such as ‘grossly offensive’ or ‘menacing’

  It is yet to be clarified whether by virtue of striking down of Section 66A of the I.T. Act, the provision in Rule 3 of the I.T. (Intermediaries Guidelines) Rule will still hold good.

  Rule 3(4) states that on receiving actual knowledge of a complaint from an affected party in writing, an Intermediary ought to have disabled such content within 36 hours of receipt of such notice.

  The Rules clarify that mere transient of information with no human editorial control or removal of objectionable information on actual knowledge will not render an Intermediary liable.

  In a Landmark case, Nirmaljeet Singh Narula v. Indijobs@hubpages.com (CS(OS) 871/2012 order passed on 30th March, 2012), the Plaintiff filed a suit for permanent injunction against the Defendant from publishing defamatory articles about the Plaintiff on its website hubpages.com.

  In the application for interim injunction the court granted exparte ad interim from publishing any defamatory articles about the Plaintiff on its website within 36 hours from the service of the court order failing which it directed the Registrar to block the web site from public access within India.

  This is the first case in India where I.T. (Intermediary Guidelines) Rules,2011 were relied wherein the 36-hour deadline rule was used.

  The Plaintiff referred to and relied on Banyan Tree v. A. Muar Murali Krishna Reddy (2008(38) Ptc288(DEL) to prove that the Delhi High Court had jurisdiction over the foreign defendants as it conducted business in India and effectively targeted Indian customers.

  In According to Rule 3(8) of the said Rules, an Intermediary is required to adopt reasonable security practice to safeguard sensitive personal information it collects from any person.

  It recommends adoption of ISO 27001 as security measure.

  Rule 3(9) of the said Rules provides reporting requirements of Intermediaries to intimate Computer Emergency Response Team for cyber security incidents.

  Rule 3(10) of the said Rules prohibits Intermediaries from circumventing any law by adopting technical means which effects computer resource’s normal functioning.

  It mandates Intermediaries to publish the name of the Grievance Officer and establish a redressal mechanism for complaint by users within a specified timeframe.

 

Comments

Post a Comment

Popular posts from this blog

JOINT PROMISORS AND THE NATURE OF THEIR LIABILITY

  JOINT PROMISORS AND THE NATURE OF THEIR LIABILITY Sections 42, 43 and 44 of the Contract Act deal with the question of liability of the joint promisors. The following rules are contained in these Sections: The liability of the joint promisors is joint and several When two or more persons make a joint promise, the promisee may, in the absence of express agreement to the contrary, compel or more of such joint promisors to perform the whole of the promise. It depends on the discretion of the promisee as to which of the promisors are to be made liable for the whole of the promise. If one of the promisors is sued to meet the whole of the claim, he cannot say that as between different promisors, his liability is for a part of the promise only. For example, A, B and C jointly promise to pay D 3,000 rupees. D may compel either A or B or C to pay him 3,000 rupees. If two or more persons jointly take a lease, and their liability to pay the rent is joint and several under Section 43...
Read more
  List of Forms and Sections in Trademark Compiled by Ridhima Dixit ( https://www.linkedin.com/pulse/trademark-forms-india-per-rules-2007-riddhima-dixit/ )   As per the earlier provisions of law so prescribed under the Trademark Rules, 2002, there were 75 different kinds of forms for the various procedures relating to the trademark filing and registration. However, as per the proposed amendment, the Ministry of Commerce and Industry had issued the Trademark (Amendment) Rules, 2017. In the new set of rules, the number of forms were reduced to 8, to simplify and streamline the whole trademark filing and prosecution process. These forms are available online and are easy to access even by a layman, who does not have any knowledge on how to apply for a trademark protection. The purpose of each form is, thereby, very essential to be understood properly. 1.         TM- A  (‘Application for registration of a trademark’) This form...
Read more

CONTINGENT CONTRACTS

  CONTINGENT CONTRACTS What is a contingent contract According to Section 31, a contingent contract is a contract to do or not to do something, if some event, collateral to such contract, does not happen. When the contract is dependent or conditional upon the happening or non-happening of a certain future event, the contract is contingent. For example, A contracts to pay B Rs. 10,000 if B's house is burnt, this is a contingent contract. (Illustration to Section 31). The payment of the amount is contingent on the happening of a collateral event, i.e., the burning of the house. All contracts of insurance or indemnity aim at payment of money only after a certain event happens, or the loss is caused, and, therefore, they are contingent contracts. A wagering agreement is also a contingent contract, but that type of contingent contract has been specifically declared to be void by Section 30. A distinction is to be drawn between a contract under which a present obligation is created...
Read more