This is the first part of a two-part post authored by Kavya Jha and Ananya Singh, fourth-year law students at RGNUL, Punjab.
In light of the ongoing attempts to provide intermediaries with the right degree of protection, this essay seeks to juxtapose the Indian approach to safe harbour protection with the American approach. It argues that both these jurisdictions have taken opposite but extreme approaches: while India has narrowed down the safe harbour protection from what was originally intended by the legislature, the American courts have interpreted the safe harbour provisions so expansively that an imbalance has been created in favour of the intermediaries. The essay, thus, recommends a balanced approach to providing safe harbour protection to intermediaries.
In the era of the internet revolution, legislators face a unique set of challenges for regulating illegal speech and content online. A central question that arises is: to what extent should intermediary platforms be held liable? Legislatures and judiciaries of various countries have tried to address this question; however, while doing so, the correct balance between free speech on the internet and intermediary liability is rarely achieved.
To uncover this imbalance, this essay analyses two jurisdictions, India and the United States (“US”), with opposite approaches to the safe harbour protection given to intermediaries for acts of third parties. Important aspects of safe harbour protection, such as degree of participation and knowledge requirements, are discussed. Part I of the essay analyses the contours of India’s safe harbour protection provided to intermediaries in light of the existing legislation and case laws. Part II throws light on the legislative framework for intermediary liability in the US as well as the judicial interpretation of these provisions. Part III juxtaposes the Indian approach with the American approach, and attempts to provide recommendations to adopt a more balanced approach to safe harbour protections.
Part I: The Indian Approach
In 2008 the CEO of an online auction website was charged with criminal liability for a user’s act of uploading an obscene clip on the website, despite having no knowledge of the same. This incident brought to light the limitations of the Information Technology Act, 2000 (“the Act”), the key law pertaining to cyber crimes and e-commerce, under which an intermediary could be held liable for publishing or circulating certain material not generated by it.
To address this, the Information Technology (Amendment) Act, 2008 (“the Amendment”) was introduced. It changed the scope of the Safe Harbour Protection provided to intermediaries under the Act, by widening the definition of ‘intermediary’ to include e-commerce websites, interactive websites, search engines, internet service providers, etc. It also provided protection to intermediaries from any liability arising out of ‘any law’. Earlier, this exemption was only limited to the liability provided under the Act.
After the Amendment, the question as to whether an intermediary could avail the safe harbour protection under Section 79(1) of the Act was determined on the basis of two factors: first, whether the intermediary had an actual knowledge of the unlawful act, and second, whether it complied with the due diligence obligations prescribed under Section 79(2). One of the key requirements under this section is compliance with the guidelines issued by the Central Government.
Information Technology Rules, 2021
In February 2021, the Central Government notified Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (“the Rules”), to replace the Information Technology (Intermediary Guidelines) Rules, 2011. Part II of the Rules, which is applicable to intermediaries, distinguishes between “Social Media Intermediary” and “Significant Social Media Intermediary” (“SSMI”) on the basis of the number of users. Prior to this, no law had created a distinction between different types of intermediaries with respect to the safe harbour protection.
The Rules impose an increased burden on SSMIs (i.e. intermediaries with over fifty lakh users) by requiring them to comply with additional requirements to obtain safe harbour protection. Such requirements include appointing a “Chief Compliance Officer,” a grievance officer, publishing monthly compliance reports, and enabling identification of the first originator of information. They also have to ensure that information similar to the previously blocked content is not available on the website.
The Rules have been criticized for doing more harm than good by encouraging government intervention. The Ministry of Information and Broadcasting has been conferred with wide powers including the power to block certain information on an emergency basis and issue appropriate orders to the publishers.
The Rules have raised several concerns amongst stakeholders as they fail to provide procedural safeguards against government intervention. This has led websites such as The Quint and The Wire to challenge the constitutional validity of the Rules. They apprehend that Rule 7, which deals with the dilution of the safe harbour protection on non-compliance, might become a tool for curtailment of their right to free speech. The matter is still pending before the Delhi High Court.
The Rules have especially caused ripples among social media websites. WhatsApp has challenged the obligation for identification of the first originator of the information arguing that to identify the first originator, it will have to forgo its “end-to-end data encryption policy.” This would be a direct violation of the right to privacy of the users. Twitter India has also found itself in troubled waters as it might have already lost its safe harbour protection over certain non-compliances under the Rules. Though it is ultimately for the Court to decide over this question of law, the website has already been facing adverse consequences in the form of FIRs against it.
The Saga of Contradictory Decisions
In India, the eligibility of an e-commerce entity to qualify as an intermediary is based on the business model that it follows. If the e-commerce entity is acting as a mere platform or a third-party facilitator between the buyers and sellers, then it will be classified as an intermediary under the Act. However, such an entity acting as an inventory and directly selling or rendering its own goods and services to the consumers will not qualify as an intermediary and in turn, will be ineligible to avail safe harbour protection under Section 79 of the Act.
In recent years, the question of dilution of the safe harbour principle has also been analysed by taking into consideration the extent of participation of an entity. In Christian Louboutin SAS v. Nakul Bajaj (“Louboutin”), the question of liability of an e-commerce website in light of trademark infringement was dealt with. The Delhi High Court (“HC”) drew a distinction between an active and passive intermediary on the basis of its involvement in functions such as the provision of authenticity guarantee and transportation, storage, and delivery facilities. It held that if an e-commerce entity meets a large number of such functions enlisted, it would then qualify as an “active participant” and therefore, would be ineligible for the safe harbour protection. However, in the 2020 case of Amazon Seller Services v. Amway India Enterprises, (“Amazon”) the Delhi HC set aside the distinction between active and passive intermediaries on the ground that it goes against the legislative intent of Section 79 of the Act. As the broad categories of functions, enlisted in the Louboutin case, are performed by the majority of e-commerce websites on a daily basis, such a distinction might unnecessarily rob these websites of the safe harbour protection.
In Shreya Singhal v. Union of India, the Supreme Court highlighted that it would be nearly impossible for intermediaries such as Google to monitor the material closely and check for the illegal content. However, the Court clarified that the intermediaries will lose their safe harbour protection if they fail to remove data even after receiving actual knowledge of the same in the form of a court order or a government directive. The concept of ‘actual or specific knowledge’ was elaborated by the Delhi HC in My Space Inc. v. Super Cassettes Industries. It was held that if an intermediary is notified about infringing content by the owners of copyrighted content, it would have actual knowledge and failure to remove such content would make the intermediary liable, even in the absence of a court order. However, the Court also acknowledged that it would be unreasonable to allocate the responsibility of identifying the infringing content to intermediaries. This was reiterated in Kent RO Systems v. Amit Kotak, where the Delhi HC held that placing this onus on websites would intervene with their rights to carry on their business.
Therefore, there exists a grey area in the Indian jurisprudence with respect to the safe harbour protection. The Courts have merely added to the ambiguity by rendering conflicting judgments.