Guest Post: ISP liability in light of the ITAA, 2008.

A couple of days ago, we had reported here about the IT Amendment Act finally coming into force. This was pointed out by one of our readers, Aditya Gupta who as I had mentioned previously is a final year student at the National University of Law, Jodhpur. I have the pleasure of knowing Aditya personally, having worked with him previously during a legal internship. Apart from being among the top ranked academically in his Batch, Aditya has also been a Student Teaching Assistant for the ‘Patent Law, Practice and Procedure’ course at his University and one of the select few awarded the Microsoft Intellectual Property Rights Scholarship, 2009 under the Microsoft Intellectual Property Rights Scholarship Program this year.

For this particular post, Aditya has authored a detailed overview on the effects of the IT Amendment Act in context of ISP Liability.

The ITAA, 2008 and ramifications on ISP liability
The Information Technology (Amendment) Act, 2008 finally came into on October 27, 2009 putting to rest the controversy regarding its applicability and notification. The provisions of the Amendment Act had been criticized severely with many cyber law experts vying for further modification in the IT (Amendment) Bill, 2000. This had forced the Government to review the Justify FullBill before finally notifying the date on which the Amendment Act was to come into force. However, the Government notification on October 27, 2009 stipulates that the IT (Amendment) Act, 2008 has come into force as it is.

Effect of amendment on ISP/OSP liability

The Information Technology (Amendment) Act, 2008 brings far reaching changes in Internet Service Provider regime in India. Section 79 of the IT Act, 2000 (as amended) has been substantially amended, expanding the scope of the immunities it seeks to provide.

Definition of intermediaries

The amendment provides clarity on the class of intermediaries on which Section 79 is applicable. The concept of network service providers has been done away with (the term “network service providers” in the old Section 79 was by and large redundant, since the explanation to the section provided that the term was to be interpreted to mean intermediaries). The immunities are now available to an intermediary which has been defined under Section 2(w). Section 2(w) has also been amended and now provides an expansive and comprehensive definition of intermediaries. The term intermediary now include telecom service providers, internet service providers, web – hosting service providers, search engines, online payment sites, online auction sites, online market places and cyber cafes. In my opinion, there is no other legislation on the subject which extends immunity from liability to such a wide class of intermediaries. In fact, the extent of immunity available to intermediaries such as search engines, cyber cafes is greatly disputed in many jurisdictions such as the United States and the EU, and has been a subject of judicial deliberation. By providing such a wide definition to the term ‘intermediary’, the availability of immunities to such categories of intermediaries in India is established by the statute itself, thereby leaving no room for judicial vagaries.

Immunity under any law in force

The most significant ramification of the amendment is that the immunity under the IT Act now extends not only to the liabilities arising under the IT Act, 2000 but to liabilities arising under any law in force in India. Therefore, an ISP can claim immunity from liability under Copyright Act, 1957 or criminal liability under the Indian Penal Code by virtue of Section 79 of the IT Act, 2000. This change has been brought about by the introduction of a non – obstante clause in Section 79 which provides that the immunity shall be available to intermediaries ‘notwithstanding anything contained in other law for the time being in force’.

Scope of the immunity available to intermediaries

Section 79(1) of the amended Act stipulates that intermediaries shall not be liable for any third party information, data, or communication link made available or hosted by him. The plain reading of the Section indicates that the scope of the liability is very wide, and is available for any third party content hosted by the intermediary. Thus, the immunity under Section 79 is available to the intermediary irrespective of whether such a content is copyright infringing or defamatory or obscene in nature.

Exceptions and conditions

That being said, it is pertinent to note that Section 79 does not provide blanket immunity to intermediaries. Section 79(1) is made subject to the provisions of subsections (2) and (3) of Section 79. Section 79(2) stipulates certain conditions required to be fulfilled by intermediaries for claiming the immunity. Section 79(2) contains 2 disjunctive conditions under clause (a) and (b). Clause (a) protects ‘access only ISPs’ i.e. those intermediaries whose role is limited to providing access to a communication system. Clause (b) has been borrowed from Regulation 17 of the Electronic Commerce (EC Directive) Regulations, 2002 and in essence provides that the intermediary must not exercise any ‘control’ over the information for claiming immunity. Therefore to claim immunity, the immunity must not be involved in the initiation of transmission, the selection of the receiver of such transmission or the selection or modification of the information. Involvement in any of these three acts would make the immunity unavailable to the intermediary.

Further, in addition to above two disjunctive conditions, the intermediary is required to exercise due diligence for claiming said immunity. Now, the standard of due diligence which the intermediaries are required to exercise shall be subject to judicial interpretation. In my opinion, this shall form a major bone of contention in most ISP liability cases, since due diligence is a vague and nebulous concept, and its exercise or lack of is a debatable issue. The case of Avnish Bajaj v. State of Delhi [150 (2008) DLT 279] (the famous case) provides some guidance as to the level of due diligence expected from ISPs. In this case, the Court held that the ISP had failed to exercised due diligence. It based its finding on the fact that the website failed to provide for efficient filters to screen pornographic content and it failed to introduce any operative or policy changes to prevent the listing/display/sale of the same on the portal.

Section 79(3) provides for cases where the intermediary in which disentitled to claim the immunity. As per Section 79(3)(a), the intermediary is not entitled to immunity where it aids, abets or induces the commission of the unlawful act. This is to impose liability in cases where the intermediary is activity involved in the infringing activity.

Secondly, the intermediary is required to remove the infringing material on receipt of notice of the same (notice and take down). It is pertinent to note here that there are no counter notification procedures under Section 79. Such counter notification procedures are essential to ensure that services of the intermediary is not jeopardized by frivolous claims by right holders. The DMCA, 1998 which provides for such counter notification procedures mandates the service provider to restore access to the information at the direction of the alleged infringer who feels that he or she has been wronged by such removal. Without such counter notification procedures, Section 79(3)(b) of the IT Act, 2000 (as amended) has immense potential for abuse, and can be misused by right holders even in cases where no bona fide claim exists.

Liability to be imposed under other Acts

It bears noting that where the conditions under Section 79(2) are not satisfied or where the exceptions to liability are applicable, the liabilities can be imposed on intermediaries. However, Section 79 of the IT Act only contains the immunities available to the intermediaries. Thus where liability is to be imposed on intermediaries, it can be done only by reference to other statutes such as the Copyright Act, 1957. In my opinion, there is a need for further amendment in these liability – imposing statutes, since the traditional provisions contained in these statutes are insufficient to effectively deal with complex issues of intermediary liability.

In conclusion, the amendment to Section 79 of the ITAA, 2008 is a laudable effort, since it provides much needed clarity regarding the immunities which are available to intermediaries under Indian law. The conditions and exceptions provided under Section 79 are by and large able to strike the right balance between the interests of the right holders and the ISPs. However, further amendment is required for introduction of counter notification procedures as well as in liability – imposing statutes in order to establish a comprehensive and exhaustive statutory mechanism for dealing with issues relating to ISP liability.


About The Author

1 thought on “Guest Post: ISP liability in light of the ITAA, 2008.”

  1. I would like highlight one more point here… Government is also reserved some of its rights by mentioning that they can issues guidelines in respect to due diligence and this shows that Govt. has not completely made it very liberal…

Leave a Comment

Scroll to Top