IT Law Project
IT Law Project
PANJAB UNIVERSITY,CHANDIGARH
1
SEMESTER- 10
B.COM LLB (SEC-D)
ACKNOWLEDGEMENT
The success and final outcome of this project required a lot of
guidance and assistance from many people and I am extremely
fortunate to have got this all along the completion of my project
report. Whatever I have done is only due to such guidance and I
would never forget to thank them.
IMAN SINGLA
ROLL NO: 236/20
SEMESTER-10
B.COM LLB(SEC-D)
2
INDEX
Introduction………………………………………………..
4
Intermediary……………………………………………….
5
Functioning of different types of
Intermediaries………….6
Liability Of
Intermediary………………………………….7
Exemption from
Liability………………………………...11
Conclusion………………………………………………..1
8
Bibliography……………………………………………...1
9
3
INTRODUCTION
The rapid advancement of digital technology has revolutionized the way people
communicate, conduct business, and access information. The internet serves as a vast
network where users can exchange data instantly, but this transformation has also led to
concerns regarding the regulation of online activities. In this digital ecosystem,
intermediaries play a crucial role by providing platforms that facilitate communication, e-
commerce, and content sharing. However, the increasing misuse of digital platforms for
cybercrimes, defamation, copyright infringement, and the spread of fake news has raised
legal questions about the liability of intermediaries for third-party content.
To address these concerns, the Information Technology Act, 2000 (IT Act) was enacted as
the primary legislation governing cyber activities in India. Among its various provisions,
Section 79 of the IT Act provides a "safe harbor" to intermediaries, shielding them from
liability for content uploaded by users, provided they adhere to due diligence requirements.
This means that intermediaries such as internet service providers (ISPs), social media
platforms, e-commerce websites, search engines, and payment gateways are generally
not responsible for user-generated content unless they actively participate in illegal activities
or fail to comply with government directives.
The concept of intermediary liability has been a subject of global legal debates,
particularly in light of challenges posed by hate speech, data privacy breaches, and
4
intellectual property violations. The Shreya Singhal v. Union of India1 case was a
landmark judgment in India that clarified the responsibilities of intermediaries, ruling that
they are only required to remove objectionable content when notified by a court or
government authority. This judgment helped establish a legal framework that balances
freedom of speech and expression with the need for accountability.
INTERMEDIARY
In the knowledge society of the 21st-century computers, the internet and ICTs lave played
very important roles in our lives. The Internet is providing several services and has become
an important source of information. However, for receiving such services including
information, it is important to have access to the internet which is provided by the
intermediary. An intermediary is a person (commercial or non-commercial entity) that
connects the user to the internet. However under the Information Technology Act, 2000 the
term intermediary has been defined as follows:
1
AIR 2015 SC 1523
5
v. search engines;( Google, Bing.)
vi. online payment sites;( Paytm, Razorpay, Google Pay.)
vii. online-auction sites,
viii. online-market places,( Amazon, Flipkart, eBay.)
ix. cyber cafes.( Public internet access points.)
Therefore after the Amendment, the meaning of the intermediary has been widened, and
now it includes so many other entities such as telecom service providers: network service
providers: internet service providers: Webhosting service provider; search engines; online
payment sites; online auction sites; online market places; and cybercafés which are
providing different types of services.
When a computer wants to send a message to another computer across the internet, it first
connects to a small local ISP through a modem. A local ISP can be a company that simply
provides Internet service or a corporation with a network that supplies services to its
employees. Then these local ISPs are further connected to the regional ISPs which operate
at the regional level. These regional ISPs are then connected to the National ISP's which
when interconnected together form the Internet backbone. They are also known as Network
Service Providers (NSPs).
The different NSPs that together consist of the Internet backbone, carry the heaviest amount
of traffic on the Internet. An Internet backbone is a high-speed network that connects many
regional and local networks. Other computers then connect to these regional and local
networks to access the internet.
6
LIABILITY OF INTERMEDIARY
In today's paperless environment there are various persons or authorities who act as
intermediaries and their main role is to manage the computer system and networks and the
internet. They also provide various services such as providing service places, hosting client
web pages, etc. However the role of intermediaries is also risky. For example, the clients
web page which is hosted on the intermediary server may contain obscene material violating
the rights of other persons. In such a scenario a role of intermediary is just to relay third
party information to the public and and except for making reasonable efforts, he can't do
anything to prevent its access and hence should not be made liable when he makes
reasonable efforts to prevent the access.
Intermediaries operating in India are required to comply with due diligence obligations
under the Information Technology (Intermediary Guidelines and Digital Media Ethics
Code) Rules, 2021 to ensure their platforms are not misused for illegal activities. Failure to
7
adhere to these obligations can lead to the loss of safe harbor protection under Section 79 of
the IT Act, 2000, making them liable for third-party content. The due diligence
requirements mandate that intermediaries publish clear terms of service, explicitly
prohibiting the upload of unlawful content such as defamatory, obscene, or hate-inciting
material. They must also implement an efficient grievance redressal mechanism,
appointing a Grievance Officer responsible for addressing user complaints within a
specified timeframe. Additionally, intermediaries, particularly Significant Social Media
Intermediaries (SSMIs) like Facebook, WhatsApp, and Twitter, must ensure traceability of
the first originator of a message in case of legal investigations related to misinformation,
cybercrimes, or national security threats. Another key requirement is the removal of
unlawful content within 36 hours of receiving a court order or government notification.
Failure to remove such content may lead to civil and criminal liabilities, as intermediaries
can be considered complicit in the dissemination of illegal material.
Failure to remove objectionable content under the Actual Knowledge Doctrine occurs
when an intermediary, despite being made aware of unlawful material on its platform, does
not take timely and appropriate action to remove or disable access to such content. The
Actual Knowledge Doctrine stems from Section 79(3)(b) of the IT Act, 2000, which
states that an intermediary loses its safe harbour protection if it does not act upon receiving
"actual knowledge" of illegal content through a court order or a government notification.
This principle was significantly interpreted in the landmark case of Shreya Singhal v.
Union of India2 where the Supreme Court clarified that intermediaries are not required to
proactively monitor content but must remove it when officially notified. The rationale
behind this doctrine is to prevent misuse of digital platforms for activities such as
defamation, fake news, hate speech, obscene content, copyright violations, and threats
to national security. However, the challenge lies in determining the threshold of actual
knowledge, as intermediaries often deal with millions of user-generated posts daily. Failure
to act upon official takedown notices can lead to civil and criminal liability, including
fines, legal actions, or even imprisonment for responsible officials under provisions such
as Section 67 of the IT Act (publishing obscene material).
2
AIR 2015 SC 1523
8
3. Facilitating Cybercrime or Unlawful Activities by Intermediaries[Section 79(3)
(a)]
Where a body corporate, possessing, dealing or handling any sensitive personal data or
information in a computer resource which it owns, controls or operates, is negligent in
implementing and maintaining reasonable security practices and procedures and thereby
causes wrongful loss or wrongful gain to any person, such body corporate shall be liable to
3
No.2284 of 2004
4
Inserted by the Information Technology (Amendment) Act, 2006
9
pay damages by way of compensation, not exceeding five crore rupees, to the person so
affected.
Any intermediary, who is so directed to preserve any information shall preserve and retain
as may be specified for such duration and in such manner and format as prescribed by the
Government. If he intentionally or knowingly contravenes this direction then he shall be
punished with imprisonment for a term which may extend to three years and also be
liable to fine.
Where the intermediary is directed by the Central Government, State Government or any
officer specially authorized by the Central Government, State Government, through any
agency of the Government to intercept, monitor, and decrypt any information generated,
transmitted, stored, and received in any computer resource then such intermediary shall
extend all facilities and technical assistance. Where intermediary or any person who fails to
assist such agency shall be punished with imprisonment for a term which may extend to
seven years and shall also be liable to fine.
Where the Central Government or any of its officers specially authorised by it direct any
agency of the Government or intermediary to block any information generated, transmitted,
received, stored, or hosted in any computer resource and the intermediary who fails to
comply with such direction then he shall be punished with imprisonment for a term which
may extend to seven years and also be liable to fine.
5
Inserted by the Information Technology (Amendment) Act, 2008
6
Substituted by the Information Technology (Amendment) Act, 2008
7
Inserted by the Information Technology (Amendment) Act, 2008
10
8. Violating the directions Central Government to monitor and collect traffic data
or information [Section 69B]8
Where the Central Government may, by notification in the Official Gazette, authorise any
agency of the Government to monitor and collect traffic data or information generated,
transmitted, received, or stored in any computer resource. Accordingly, the intermediary or
any person-in-charge of the computer resource when called upon by the agency which has
been so authorized must provide technical assistance and extend all facilities to such agency
to enable online access or to secure and provide online access to the computer resource
generating, transmitting, receiving or storing such traffic data or information. Where any
intermediary who intentionally or knowingly violates such direction then he shall be
punished with imprisonment for a term which any extend to three years and shall also be
liable to fine.
For performing its function, the Indian Computer Emergency Response Team may call for
information and give direction to the service provides. intermediaries, data centers, body
corporate, and any other person. Where any service provider, intermediaries, data centers,
body corporate or person who fails to provide the information called for or comply with the
direction shall be punishable with imprisonment for a term which may extend to one year or
with fine which may extend to one lakh rupees or with both.
Therefore, generally, intermediaries are not liable for third party information because they
merely relay third party information to the public. However, where certain conditions as laid
down under law are fulfilled then ISP (intermediary) can be made liable for any unlawful
act which also includes IPR infringement.
8
Inserted by the Information Technology (Amendment) Act, 2008
9
Inserted by the Information Technology (Amendment) Act, 2008
11
It is important to note that the intermediary shall not be liable under this Information
Technology Act, 2000, rules or regulations made thereunder for any third party information
or data or communication link made available or hosted by him. However, the following
conditions must be fulfilled:
Due Diligence
12
to observe due diligence while permitting the users to upload any information or content.
Earlier, Information Technology (Intermediaries Guidelines) Rules, 2011 were applicable.
However, there were certain loopholes in these Rules and it was not possible to take action
against the "first originator of information" a social media intermediaries always claimed
that it would be a violation of the privacy of the uploader.
11
FAO(OS) 540/2011, (2011) 47 PTC 1 (Del)
13
An intermediary, including social media intermediary, significant social media intermediary
and online gaming intermediary, shall observe the following due diligence while
discharging its duties:
12
Inserted by the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules,
2023 w.cf 6.4.2023
14
The intermediary shall respect all the rights accorded to the citizens under he
Constitution, including in the articles 14, 19 and 21. [Rule 3(1)(l)]
The intermediary shall prominently publish on its website, mobile based application, or
both, as the case may be, the name of the Grievance Officer and his contact details as well
as mechanism by which a user or a victim may take a complaint against violation of the
provisions of this rule or any other matters pertaining to the computer resources made
available by it, and the Grievance Officer shall:
acknowledge the complaint within twenty-four hours and dispose off such complaint
within a period of fifteen days from the date of its receipt;
receive and acknowledge any order, notice, or direction issued by the Appropriate
Government, any competent authority, or a court of competent jurisdiction.
Social Media Intermediary: It means an intermediary which primarily and solely enables the
online interaction between two or more users and allows them to create, upload, share,
disseminate, modify or access information using its services. For example, Facebook,
WhatsApp, Twitter, and Instagram.
15
All the significant social media intermediaries shall appoint the following officers:
1. Chief Compliance Officer: Chief Compliance Officer means key managerial personnel or
other senior employee of SSMI who is residing in India. He is responsible for ensuring
compliance with the IT Act and rules made there under.
2. Nodal Contact Person: Nodal Contact Person means an employee of a SSMI who is
resident in India. He is responsible for 24x7 coordination with law enforcement agencies
and officers for ensuring compliance to their orders.
4. Publish periodic compliance report every month mentioning the details of complaints
received and action taken thereon, and the number of specific communication links or parts
of information that the intermediary has removed or disabled access to in pursuance of any
proactive monitoring conducted by using automated tools or any other relevant information
as may be specified.
Regulation of Online curated content commonly known as Over the Top (OTT) [Part
III of the Rules, 2021]
Apart from regulating the intermediaries the new Rules regulate online curated content
commonly known as Over the Top (OTT) Platforms. These platforms are service providers
that offer viewers access to movies, TV shows, and other media directly through the
Internet, bypassing cable or satellite systems. OTT services can be accessed through
internet-connected devices like computers, smartphones, settop boxes, and smart TVs. In
India, OTT platforms are generally called 'publishers of online curated content.
Significantly, online curated content is audio-visual content such as films, web-series,
podcasts, etc., which are available to the viewers demand but not limited through
subscription by OTT platforms. Here, "On demand" means a system where a user is enabled
to access, at a time chosen by them, a content in electronic form, which is transmitted over a
computer resource and is selected by the user.
Examples of Popular video-on-demand services in India are Disney Hot Amazon Prime
Video, Sony LIV etc.
16
The question regarding regulating OTT started in January 2021 with The Tandav
Controversy:13
The "Tandav" web series was released on the OTT Platform Amazon Prime Video on
January 15, 2021. Immediately upon release, the controversy started as the series has been
criticised by various sections of Indian society on the ground that some parts of the series
were objectionable as hurt the religious sentiments of Hindus. Accordingly, various
complaints were filed in various states and the Ministry of Information & Broadcasting
intervened and raised these concerns to the makers of the series.
In an RTI reply by the Ministry of Information & Broadcasting as per the complaints by
private individuals, advocates, non-governmental organisations and series of political parties
series are hurting religious sentiments and are anti-dalit. The makers made an unconditional
apology and also removed objectionable part of the series. As the complainants were not
dissatisfied by the action taken so multiple FIRs across states were filed against the series'
directors, producers, and rectors as well as the India head of Amazon Prime Video's original
content, Aparna Purohit.
After this controversy, demands started for censorship and criminal penalties for OTT
platforms in India for uploading objectionable information. Finally, on February 25, 2021
the Information Technology (Intermediary Guidelines and Digital Media Ethics Code)
Rules, 2021 were notified by the Government containing rules for regulating OTT.
General Principle
a. A publisher shall not transmit or publish or exhibit any any content which is
prohibited under any law for the time being in force or has been prohibitel by any
court of competent jurisdiction.
13
The Tandav Controversy: A case study available at https://internetfreedom.in/tandav-case-study/accessed
on 10.11.2022.
17
b. A publisher shall take into consideration the following factors, when deciding to
feature or transmit or publish or exhibit any content, after duly considering the
implications of any content as falling under the following categories, and shall
exercise due caution and discretion in relation to the same:
content which affects the sovereignty and integrity of India;
content which threatens, endangers or jeopardises the security of the State:
content which is detrimental to India's friendly relations with foreign countries;
content which is likely to incite violence or disturbs the maintenance of public
order.
c. A publisher shall take into consideration India's multi-racial and multi religious
context and exercise due caution and discretion when featuring the activities, beliefs,
practices, or views of any racial or religious group.
Content Classification:
(1) The Content may be classified on the basis of (1) Themes messages; (ii) Violence;
(iii) Nudity; (iv) Sex (v) Language (vi) Drug and substance abuse, and (vi) Horror
described in the Schedule, as may be modified from time to time by the Ministry of
Information & Broadcasting.
18
Implementation of Rules 2021
Social Media intermediaries were given three months to comply with the new rules. The
government on May 26 issued a fresh notice to all social media intermediaries seeking
details on the status of compliance with the new rules that came into effect on that day.
Companies like Google, Facebook, WhatsApp, Telegram, Koo, Sharechat, and Linkedin
have shared details with Meity as per the requirement of the new norms. Twitter sought an
extension of the compliance window and called for constructive dialogue and a
collaborative approach from the government to safeguard the freedom of expression of the
public.
CONCLUSION
The concept of intermediaries and their liability under the Information Technology Act,
2000 (IT Act, 2000) is crucial in regulating the digital ecosystem. Intermediaries, such as
internet service providers, social media platforms, e-commerce websites, and search
engines, play a vital role in enabling digital interactions. However, given their role in
hosting and transmitting third-party content, determining their liability for unlawful
activities has been a subject of legal scrutiny.
The IT Act, 2000, particularly Section 79, provides safe harbour protection to
intermediaries, shielding them from liability for third-party content as long as they act as
passive facilitators and comply with due diligence requirements. However, intermediaries
can lose this protection if they actively participate in unlawful activities, fail to remove
illegal content upon receiving actual knowledge (court order or government notification), or
do not follow compliance guidelines under the IT (Intermediary Guidelines and Digital
Media Ethics Code) Rules, 2021.
Judicial decisions, such as Shreya Singhal v. Union of India14, have further clarified that
intermediaries are not obligated to remove content unless legally mandated. Cases like the
Bazee.com case and MySpace Inc. v. Super Cassettes Industries Ltd 15. demonstrate the
evolving nature of intermediary liability and the need for stricter content moderation
policies.
14
AIR 2015 SC 1523
15
FAO(OS) 540/2011, (2011) 47 PTC 1 (Del)
19
In an era of rising cybercrimes, misinformation, and data privacy concerns, intermediary
liability continues to evolve. While the IT Act, 2000 provides a balanced approach,
emerging challenges may lead to further amendments, imposing greater responsibility on
digital platforms. The future of intermediary regulation in India will require a harmonized
approach between freedom of expression, data security, and accountability, ensuring a safer
and more transparent digital environment.
BIBLIOGRAPHY
https://blog.ipleaders.in/regulating-digital-intermediaries-it-act-and-the-new-
intermediary-guidelines/
https://blog.ipleaders.in/intermediary-liability-analysis-of-the-effect-of-the-shreya-
singhal-judgment-on-internet-intermediaries-in-india/
https://www.indiacode.nic.in/bitstream/123456789/15983/1/
the_information_technology_act%2C_2008.pdf
https://thelegallock.com/case-brief-super-cassettes-industries-ltd-v-myspace-inc/
Cyber Laws & Information Technology, Dr. Jyoti Rattan, Bharat Law House Pvt.
Ltd., 9th Edition(BOOK)
20