Today, with the internet playing an ever-increasing role in the lives of people, e-commerce websites are gradually negating the requirement of physical stores. However, as the law has not changed as dynamically and in keeping with the rise of the e-commerce websites, the obligations and liabilities upon them are still largely up to interpretation. The primary challenge being: who is liable for the unlawful content available on these platforms: the access providers or the users? A close second is: what actions make the platforms avoid liability for any unlawful content created or posted by the users of the platform? As the former has been discussed at length, the focus of this article will be on answering the latter which is also known as the due diligence required of the intermediaries.
In India, Section 2(1)(w) of the Information Technology Act, 2000 (IT Act) lays down that an intermediary: ".means any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web-hosting service providers, search engines, online payment sites, online-auction sites, online-market places and cyber cafes."
Section 79 of the IT Act provides an immunity or "safe harbor" to intermediaries against liability for any third-party information, data, or communication link made available or hosted by them.1 However, this safe harbour is subject to Subclause (2) and (3) of Section 79 of the IT Act.
Subclause (2) provides the qualifiers to be called an intermediary. It states that a platform will qualify as an intermediary only if:
(a) its function is limited to providing access to a communication system over which user generated content/information is hosted or temporarily stored;
(b) the platform does not initiate, select the receiver or modify the content of the transmission which is made or stored by third parties; and
(c) it observes 'due diligence' and also observes other guidelines provided by the Central Government.
Subclause (3) is negative in its import and lays down the actions which shall disqualify a platform to claim the safe harbor protection. 2
The focus of this article is on the due diligence aspect as mentioned in subclause (2).
What is due diligence for intermediaries?
The due diligence requirement as laid down in Section 79 (2) (c) of the IT Act is twofold. It requires an intermediary to observe due diligence while discharging its duties under the IT Act and further directs intermediaries to follow other guidelines which are laid down by the Central Government. The first part of the requirement, i.e., observing due diligence while discharging its duties under the IT Act, has not been defined or detailed further under the IT Act and has mostly been left to interpretation of courts. Using the latter part of the provision, the Central Government notified the Information Technology (Intermediaries Guidelines) Rules, 2011 (Intermediary Guidelines) under which the standards required for adequate due diligence were detailed. As per Rule 3 of the Intermediary Guidelines, the intermediaries are required, inter alia:
(a) to publish terms and policies on their platforms informing their user of the rules to be abided by them while accessing the platforms, and by following the guidelines, an intermediary complies with one part of the requirement laid down in Section 79 (2) (c) of the IT Act;
(b) to comply with the provisions of Section 79 (2) of the Act; and
(c) to remove any unlawful content within 36 hours of receiving actual knowledge of such content.
In Shreya Singhal Vs UOI3 (Shreya Singhal Case), the Supreme Court struck down Section 66A of the IT Act for being ultra vires the fundamental right to freedom of speech and expression, when it was used to arrest two women for posting allegedly offensive comments on Facebook. Although the concept of due diligence was not the primary focus of the Court, it did answer one important question regarding the concept: what constitutes actual knowledge4 under clause 3(b) of Rule 3 of the Intermediary Guidelines? It held that actual knowledge means knowledge from a court order or on being notified by the appropriate government. It further underlines that if an intermediary fails to remove or disable access to the content which is unlawful upon receiving actual knowledge from court or government agency, it is said to breach the due diligence threshold and would fall out of the ambit of being called an intermediary. This court however did not have the occasion to consider, what comprises general due diligence under Section 79 (2) (c).
That thereafter, the question of due diligence as applicable to social media platforms and e-commerce websites, was primarily considered by the Delhi High Court in Myspace Inc. v Super Cassettes Industries Ltd5 (Myspace Case).
The court, in its assessment of what constitutes actual knowledge, held that providing for a takedown mechanism or methods for identifying infringing content as a general process on the platform did not constitute actual knowledge. What constituted actual knowledge was knowledge based on specific information given by the person whose work was being infringed by the content uploaded on MySpace, which practically translated to the owner of a work providing specific URL addressed where the infringing content was located. However, the court did find that providing general mechanisms for identifying infringing content, such as the Rights Management Tool, Notice and Take Down provision, Take Down Stay Down tool and Hash Block Filter, did constitute as sufficient due diligence on the part of MySpace.
Further Judgments on Due Diligence
In Kent RO Systems Ltd. v. Amit Kotak6 the Single Judge of Delhi High Court, while considering whether the e-commerce website eBay aided and abetted infringement of registered designs, by not screening the products that are listed on the platform for infringing products, without delving into what would constitute due diligence by the intermediary, held that the intermediaries cannot be asked to screen content as it would fall outside the ambit of "vigilance" as laid down in the IT Act and Intermediary Guidelines and infringing content can only be removed upon the intermediary "receiving actual knowledge" of such content. The Learned Division Bench confirmed the view taken by the Learned Single Judge while leaving the question of actual knowledge by eBay to be determined by trial.7
The Delhi High Court in Christian Louboutin SAS v. Nakul Bajaj8 (Christian Louboutin Case), while considering whether the e-commerce platform Darveys.com did not fulfil the due diligence criteria required of an intermediary, stated that the responsibility of the platform is overarching and is not limited to the Intermediary Guidelines only. The court further stated that it would not offer protection to any intermediary that has `conspired', `abetted' or `aided' or `induced the commission' of an unlawful act even if it complies with the Guidelines. The court also laid down the following checklist for due diligence which determines whether the platform is taking adequate measures or not:
(a) The terms of the agreements between the sellers and the platform: their manner of enforcement and consequence of violation;
(b) Measures in place to ensure that rights of the right-holders are protected; and
(c) Knowledge of the unlawful acts of the seller.
The Delhi High Court, thereafter, in L'Oreal vs. Brandworld and Others9 relied on the Christian Louboutin Case factors to determine whether the e-commerce platform Shopclues.com acted in a diligent manner. The Single Judge, by considering factors such as guarantee of genuine products, repeated sales of counterfeits, providing a "Replica" section on the website, held that even though the platform had put in place a take-down policy called the PIP programme, but majority of the above mentioned factors made it clear that it did not meet the due diligence requirement. In an appeal against the Single Judge's judgment in M/s Clues Network Pvt Ltd vs. M/s L'Oreal10 the Division Bench set aside the judgment of the Single Judge stating the same went beyond the pleadings, however, it did not comment on the due diligence aspect laid down by the Single Judge.
The Delhi High Court took the requirement of due diligence up a notch vide its collective judgment in eight suits against major e-commerce platforms in Amway India Enterprises Pvt. Ltd. and Ors. v 1MG Technologies Pvt. Ltd. and Ors.11 The judgment laid down strict conditions of compliance by the platforms of their own user policies apart from their compliance with the Intermediary Guidelines. The court noted that due diligence policies have to be more than just 'Paper Policies' and have to implemented in right earnest with express authorisation from the sellers of allegedly infringing products. The court held that ".the due diligence requirements would have to be met and complied with, as per the Platforms' own policies, and as per the Intermediary Guidelines, 2011. Non-compliance with the Platforms' own policies would take them out of the ambit of the safe harbour".
The Division Bench of the Delhi High Court set aside the order of the Single Judge in a single judgment12. With respect to the due diligence requirements, the Division Bench disagreed with the view taken by the Single Judge. Rejecting the overarching standards of due diligence set by the Single Judge, it held that the due diligence requirement is limited to publishing policies for its users along with the removal of the infringing material upon receiving actual knowledge of the same vide a court order as laid down in the Shreya Singhal Case.
The question of what constitutes due diligence of the intermediaries has been considered twice by two Division Benches of the Delhi High Court. From a review of the aforesaid judicial precedents, the position of the due diligence requirement in the sphere of intermediary liability appears to be a convoluted one and it seems that we will not get a black and white answer to the same anytime soon. While the Division Bench in the MySpace Case attempted to clearly define the scope of due diligence by considering the factors of Rights Management Tool, Notice and Take Down provision, Take Down Stay Down tool and Hash Block Filter required by an intermediary, the following judgment by the Division Bench in Amway appeared to require a lower threshold of due diligence from the intermediary as it deemed publishing policies and removing infringing content to be sufficient actions for the same. With the updated Intermediary Guidelines on the horizon, it needs to be seen how much the standard scale fluctuates with their arrival.
1. Section 79 (1) of the IT Act, 2000.
2. The actions being:
a. if the platform has conspired or abetted or aided or induced the commission of unlawful act by the third party; or
b. the platform fails to expeditiously remove or disable access to that material upon receiving actual knowledge, or on being notified by the Government.
3. (2015) 5 SCC 1
4. The concept of 'actual knowledge' forms part of clause 3 (b) of Rule 3 of Intermediary Guidelines.
5.(2017) 236 DLT 478 (DB)
6. 240 (2017) DLT3
7. FAO (OS) (COMM) 95/2017
8. 253 (2018) DLT728
9. CS (COMM) 980/2016
10. RFA (OS) COMM 1/2019
11. CS (OS) 410, 453, 480, 531, 550 of 2018 and CS (OS) 75 and 91 of 2019
12. FAO (OS) 133, 134, 135, 141, 142 and 157 of 2019.
The content of this document do not necessarily reflect the views/position of Khaitan & Co but remain solely those of the author(s). For any further queries or follow up please contact Khaitan & Co at email@example.com