Intermediaries must be accountable
They assume the role of media companies, but escape the legal obligations that come with it
Today is the world of intermediaries. We are surrounded by intermediaries, which provide all kinds of services to us, using data and information in electronic form. A number of these intermediaries provide multimedia and related media services. They often assume the role of media companies. Actual media companies are governed by specific legal frameworks. However, the same frameworks do not seem to apply to these intermediaries operating as media companies. This is all the more so, given the unique operation of the Indian cyberlaw under the Indian Information Technology Act, 2000.
Section 2(1)(w) of the Indian Information Technology Act, 2000 defines an intermediary in broad terms to mean any person who on behalf of another person, receives, stores or transmits that record or provides any service with respect to that record.
This has been defined to include telecom service providers, network service providers, Internet service providers, web hosting service providers, search engines, online payment sites, online auction sites, online market places and cyber cafes.
Also read: Technology companies are taking Indian users for a ride
Section 79 of the Information Technology Act, 2000 provides that subject to the intermediary complying with certain requirements, it shall not be liable for any third party data or information made available by it. The conditions to be fulfilled by an intermediary include the following:
a) It needs to exercise due diligence while discharging obligations under the law;
b) It needs to comply with the provisions of the Information Technology Act, 2000 and rules and regulations made thereunder;
c) It must not need to conspire or abet in the commission of any offence;
d) Once called upon to remove or disable access to any content, it must expeditiously do so without vitiating the original electronic evidence.
If these conditions are fulfilled, the intermediary cannot be made liable for third party data. A majority of intermediaries are today hiding behind the judgement of the Supreme Court of India in the case of Shreya Singhal v/s Union of India.
This held that an intermediary will not remove or disable access to any third party data on its network, unless it gets either an order from a court of competent jurisdiction or an order from a governmental agency to that effect. Ever since the Shreya Singhal judgment, a majority of intermediaries have chosen to hide behind this pronouncement.
The spread of fake news in the electronic ecosystem is an immense concern for India as a nation. The recent Indian elections saw massive dissemination of fake news. Given the fact that India does not have a fake news law, a majority of the intermediaries and media service providers have failed to take effective steps to prevent fake news disseminating on their networks. Clearly, existing legal frameworks on the subject under hand are not adequate.
It needs to be also noted that the government has been given powers under Section 87 of the Information Technology Act, 2000 to come up with rules to regulate the conduct of intermediaries. The government had notified the Information Technology (Intermediary Guidelines) Rules in 2011 but these rules provided very limited elements of due diligence.
Given the fact that today large numbers of intermediaries are emerging as strong media companies, it is time to regulate their legal activities by means of appropriate strong legal frameworks. There is also a need for revisiting Section 79 of the Information Technology Act, 2000 in such a manner that the rights, duties and responsibilities of the intermediaries as media companies need to be well defined.
Further, the kind of requirements that service providers and intermediaries need to perform in the context of protecting and preserving cyber security is another area where appropriate legal frameworks need to be beefed up. The government has been in the process of coming up with some draft guidelines for intermediaries. However, these have not yet been specified. It is time for a fresh look at the issue of intermediary liability.
It is clear that these intermediaries will play a very important role in the electronic ecosystem. The need to transform intermediaries from being mute spectators into legal entities, complying with the applicable law prevailing for the time being is an urgent necessity. Since a number of these intermediaries are often not located in India, many are complying with the Indian cyber law more in breach rather than in observance.
Intermediaries located outside India must be compelled to comply with applicable Indian cyber laws, so long as their services are made available on computers, computers systems and networks located in India. All eyes will now be on the government as to how it deals with the issue of intermediary liability and how it strengthens the rights of users and provides a substantial harmonious balance, in the context of media and electronic ecosystem stakeholders at large.
Pavan Duggal is an advocate, Supreme Court of India. He is also Chairman, International Commission on Cybersecurity Law
The views expressed are personal