NEED FOR HAVING FRESH LOOK AT INTERMEDIARY LIABILITY
BY
DR. PAVAN DUGGAL
ADVOCATE, SUPREME COURT OF INDIA
CHAIRMAN, INTERNATIONAL COMMISSION ON CYBER SECURITY LAW
Today is the world of intermediaries. We are all surrounded by intermediaries who are providing all kinds of services to us, using data and information in the electronic form. A number of these intermediaries are providing multi-media and related media services. A number of these intermediaries are often assuming the role of media companies. Actual world media companies are governed by certain specific legal frameworks. However, the same frameworks themselves do not seem to apparently apply to these intermediaries operating as media companies. This is all the more so, given the unique operation of the Indian Cyberlaw being the Indian Information Technology Act, 2000.
Section 2(1)(w) of the Indian Information Technology Act, 2000 defines intermediary in very broad terms to mean any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record. The said legal definition has been defined to include telecom service providers, network service providers, internet service providers, web hosting service providers, search engines, online payment sites, online-auction sites, online market places and cyber cafes.
Section 79 of the Information Technology Act, 2000 provides that subject to the intermediary complying with certain requirements, an intermediary shall not be liable for any third party data or information made available by it. The conditions to be fulfilled by an intermediary include as follows:
- It needs to exercise due diligence while discharging their obligations under the law;
- It needs to comply with the provisions of the Information Technology Act, 2000 and rules and regulations made thereunder;
- It does not need to conspire or abet in the commission of any offence;
- Once called upon to remove or disable access to any content, it must expeditiously do so without vitiating the original electronic evidence in any manner whatsoever.
If the aforesaid conditions are fulfilled, the intermediary cannot be made liable for third party data. A majority of intermediaries are today hiding behind the judgement of the Hon’ble Supreme Court of India in the case of Shreya Singhal v/s Union of India.
The said judgement has held that an intermediary will not remove or disable access to any third party data on its network unless it gets either an order from a Court of competent jurisdiction or an order from a governmental agency to that effect. Ever since the Shreya Singhal judgment, majority of intermediaries have chosen to hide behind the said pronouncement and therefore have chosen to become mere mute spectators in respect of third party content on their network.
The tremendous spread of fake news on the electronic ecosystem is an immense concern for India as a nation. The recent Indian elections saw massive dissemination of fake news. Given the fact that India does not have a fake news law, majority of the intermediaries and media service providers have failed to take effective steps to prevent fake news disseminating on their networks. In this context, it is time to realize that the existing legal frameworks on the subject under hand are not adequate.
It needs to be also noted that the Government of India has been given powers under Section 87 of the Information Technology Act, 2000 to come up with rules and regulations to regulate the conduct of intermediaries. The Government of India had notified the Information Technology (Intermediary Guidelines) Rules in 2011 but the said Rules provided very limited elements of due diligence. After 2011, we haven’t seen any other new Rules specifying other areas of due diligence.
Given the fact that today large numbers of intermediaries are increasingly emerging as strong media companies, it is time to regulate their legal activities by means of appropriate strong legal frameworks. There is also a need for revisiting Section 79 of the Information Technology Act, 2000 in such a manner that the rights, duties and responsibilities of the intermediaries as media companies need to be appropriately well defined. Given today’s changed ground realities, the responsibilities of these Internet media companies to assist in the fight against fake news need to be appropriately well stipulated.
Further, the kind of requirements that the service providers and intermediaries need to perform in the context of protecting and preserving cyber security is another area where appropriate legal frameworks need to be beefed up. The Government of India has been in the process of coming up with some draft guidelines for intermediaries. However, the said guidelines have not yet been specified as yet. The time has come for India to start having a fresh look on the entire issue of intermediary liability.
At the end of the day, it is very clear that these intermediaries will play a very important role in the electronic ecosystem. The importance and significance of this role is well recognized but the need for transforming intermediaries from being mute spectators into legal entities, complying with the applicable law prevailing for the time being in force is an urgent necessity. Further, given the fact that number of these intermediaries are often not located in India, numerous intermediaries often are complying with the Indian Cyberlaw more in breach rather than in observance.
It is time to ensure that intermediaries located outside India must be compelled to comply with applicable Indian cyberlaws, so long as their services are made available on computers, computers systems and computer networks physically located in India. New thought process in this regard needs to be evolved. All eyes will now be on the Government as to how it deals with the issue of intermediary liability and how it strengthens the rights of users and provides a substantial harmonious balance, in the context of media and electronic ecosystem stakeholders at large.
It will be interesting to watch the developments in this regard as time passes by.
The author Dr. Pavan Duggal, Advocate, Supreme Court of India, is an internationally renowned expert authority on Cyberlaw and Cybersecurity law. He has been acknowledged as one of the top four Cyber lawyers in the world. He is also the Chairman of International Commission on Cybersecurity Law. You can reach him at pavan@pavanduggal.com. More about Dr. Pavan Duggal is available at www.pavanduggal.com.