Introduction

The raging Covid-19 pandemic across the globe has forced individuals and governments alike to resort to measures of an unprecedented nature. The mandatory social distancing norms and a general inclination towards a contact-free approach has resultantly led to a significant rise in the popularity of platforms especially with the introduction of Unlock 3.0 measures.1

The Market Study on E-Commerce published by the Competition Commission of India ("CCI") 2 in January 2020 highlighted the upward trend in the revenue growth of the sector from USD 39 billion in 2017 to USD 120 billion in 2020, making India one of the fastest growing e-commerce market spaces in the world. While the sector has been growing at an increasingly steady pace, the present pandemic and the consequent repercussions including the general fear of the virus (given the ever-rising numbers of Covid-19 cases) has contributed towards bolstering the growth of e-commerce platforms over physical markets.

In light of the above, consumer protection and the need to introduce appropriate laws to ensure consumer protection in the digital commerce space has never been more crucial. Accordingly, the Central Government under Section 101(2)(zg) (Power of Central Government to make rules) of the Consumer Protection Act, 2019 ("CPA 2019"),3 the Ministry of Consumer Affairs, Food and Public Distributions notified the Consumer Protection (E-Commerce) Rules, 2020 ("Rules") on 23 July 2020.4

The present piece seeks to provide a brief summary of the key compliances under the Rules and the concomitant regulatory impacts that might follow.

Consumer Protection (E-Commerce) Rules, 2020

Coverage

The Rules (Rule 2) apply to: (a) all goods and services (including digital products5 ) transacted over an electronic/digital network; (b) all models of e-commerce, including marketplace and inventory models (discussed below); (c) all e-commerce retail (including multi-brand and single brand retail trading); and (d) all forms of unfair trade practices across all e-commerce models.

While, the Rules have been expressly made applicable to e-commerce entities, the Rules do not apply to a natural person where the following components are met: (a) the activities are being undertaken in a personal capacity; and (b) the activities do not form part of any professional or commercial activity being undertaken on a regular or systematic basis. Put in simple terms, where an individual is engaging in a transaction either in a personal capacity and not in a regular or systematic basis for any professional or commercial activity (for instance, selling a used book online other than through an e-commerce entity), would not fall within the purview of the Rules. Accordingly, natural persons engaged in occasional transactions entailing consumer to consumer or business to consumer interface may be excluded.

Further, the Rules have extra-territorial application on those e-commerce entities which may not be established in India, but systematically offers goods and services to consumers in India (Rule 2(2)).

Key Stakeholders

The Rules seek to capture the duties and liabilities with a view to regulate and govern the activities of 2 (two) categories of players in an e-commerce6 setup:

  1. 'e-commerce entity': This means any person who owns, operates or manages any digital or electronic facility or platform for electronic commerce but excludes a seller engaged in selling on marketplace e-commerce entity. An e-commerce entity can be of 2 (two) types:7
    1. 'inventory e-commerce entity': owns the inventory of goods or services and sells such goods and services to the consumers and includes multi-brand and single-brand retailers;
    2. 'marketplace e-commerce entity': merely provides a platform on digital network to facilitate transactions between buyers and sellers; and
  2. 'sellers': This means a product seller8 and includes any services provider.

Interestingly, the Rules governs not just a 'consumer' but rather at several places refers to a 'user' which is any person who accesses or avails any computer resource of an e-commerce entity. Prima facie user covers a broader set of person/entities in comparison to a consumer which is the end user of a product or service

Key Duties / Liabilities

E-commerce entities (Rule 4)

Legal structure: An e-commerce entity must either be incorporated under the (Indian) Companies Act, 2013 (or its predecessor Companies Act, 1956) or a foreign company or an office, branch or an agency outside India owned or controlled by a person resident in India.

Implications: The Rules curiously have not included other legal structures such as limited liability partnerships. This exclusion will impact several e-commerce entities which are operating under a different legal structure. Section 107(2) (Repeal & Savings) of the CPA 2019 provides for grandfathering of previous actions unless such previous actions are inconsistent with the provisions of the CPA 2019. Accordingly, it appears that an existing e-commerce entity may need to change its legal structure to a company. While this may not be the legislative intent, a similar provision exists in Foreign Exchange Management (Non-debt Instruments) Rules, 2019 ("NDI Rules").

The Rules do not require mandatory physical/entity localisation as is being misunderstood largely. As per Section 2(42) of the Companies Act 2013,8 a foreign company may have a place of business in India through electronic mode for conducting a business activity in India.

From a joint reading of provisions pertaining to e-commerce entity under the Rules and the identical definitions of 'electronic mode'9 and 'business activity'10 it is clear that foreign e-commerce companies may operate virtually without the need to have a physical presence in India. This reading also compliments the fact that the Rules have extra-territorial application on entities not established in India but are engaged in systematically offering goods and services to consumers in India.

Also, the Rules contain reference to Section 2(v)(iii) of Foreign Exchange Management Act, 1999 with regard to 'office, branch or an agency outside India owned or controlled by a person resident in India' which appears to be an inadvertent error and the reference ought to have been made to Section 2(v)(iv) instead.

Nodal officer: Appoint a nodal person of contact or a senior designated functionary who is resident in India, for ensuring compliance with the CPA 2019 and the Rules.

Implications: This will require an e-commerce entity based outside India to appoint a person /individual resident in India to ensure compliance with the Rules and the CPA 2019 even though such entity may not have an office / place of business in India. Also, a start-up company in its early stages will now need to incur additional expenses to engage a full-time personnel in this regard.

Grievance redressal: Establish an adequate grievance redressal mechanism and appoint a grievance officer whose name, contact details and designation is displayed on the consumer facing platform. Further, it is now mandatory to acknowledge the receipt of any consumer complaint within 48 hours and provide redressal of the same within 1 (one) month from the date of receipt of the complaint.

Implications: The requirement to appoint a grievance officer was already covered under Rule 5(9) the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 ("SPDI Rules")11 and Rule 3(11) of the Information Technology (Intermediaries guidelines) Rules, 2011 ("Intermediary Rules").12 While the roles of the officer and applicability of the SPDI Rules and Intermediary Rules are different, the Rules have made the application universal to all e-commerce entities. Nonetheless, this increases the compliance burden of early stage start-ups.

Further, from the consumer perspective this will provide a time-bound redressal of grievances. Mandating acknowledgment of complaints is another step forward towards ensuring transparency in the mechanism.

Information display: The e-commerce entity should, in a clear and accessible manner display: (a) its legal name; (b) addresses of its office(s); (c) details of the website; and (d) contact details of customer care and grievance officer. In case of imported goods, the e-commerce entity should display the name and details of the importer or the seller (as the case may be).

Implications: In addition to privacy policy, terms of use, customer agreements (if required) and other rules and regulations as specified under the SPDI Rules and the Intermediary Rules, the e-commerce entity will also need to disclose the aforesaid information.

Anti-market practices: E-commerce entities are prohibited from: (a) adopting any unfair trade practices;13 (b) quoting unjustified prices, having regard to prevailing market conditions, essential nature of goods and services, extraordinary circumstances in which goods and services are offered and any other relevant considerations, in order to gain unreasonable profit; and (c) discriminating between consumers of the same class or making arbitrary classifications between consumers.

Implications: The Rules are silent on discriminatory practices of e-commerce entities vis-à-vis sellers especially in a B2B context where goods and services are being transacted for earning a livelihood. Prevalence of unfair contract terms was noted in the report dated 8 January 2020 of the CCI titled 'Market Study on e- Commerce in India – Key Findings and Observations'.14

Further, terms like 'unjustified prices', 'unreasonable profits' and 'arbitrary classification' remain undefined and are likely to cause conflict, confusion and mis-use at the hands of litigious consumers. For instance, restricting access to (a) sale / discounts on products/services; or (b) new movies to a particular set of subscribers / consumers may amount to arbitrary classification since these affect the rights of the consumers.

Other duties: The e-commerce entities: (a) cannot impose cancellation charges on consumers unless similar charge is required to be borne by it; (b) must obtain explicit and affirmative consent from consumers for executing the purchase but not through automatic means such as pre-ticked checkboxes; (c) effect refund within a reasonable period of time as per guidelines of the Reserve Bank of India.

Implications: While all such compliances may have the effect of providing a safe and secure experience for consumers in the digital marketspace, it is also important to weigh these against the financial burden that would be imposed on small or mid-size e-commerce entities. It is significant to note that not all e-commerce entities constitute a multi-billion dollar business, quite a significant portion of the digital marketplace also comprises of small scale start-ups. Such start-ups may not possess the requisite funds to ensure compliance. Accordingly, certain concessions may be a welcome change for early stage start-ups

Marketplace e-commerce entities (Rule 5)

In addition to the compliances set out in the Intermediary Rules, the marketplace e-commerce entities is required to need to comply with the following provisions in order to avail the safe harbour exemption under Section 79(1) of the Information Technology Act, 2000 ("IT Act"):

Undertaking: To obtain an undertaking from each seller confirming that the information furnished by it with respect to the good and service being offered on the platform of marketplace e-commerce entity is accurate and corresponds directly with the appearance, nature, quality, purpose and other general features of such good or service.

Accurate description: To display, in a clear and accessible manner: (a) details of the sellers (discussed below); (b) complaint ticket number for tracking status (as applicable); (c) information relating to return, refund, exchange, warranty and guarantee, delivery and shipment, modes of payment, and grievance redressal mechanism; (d) payment method; (e) all information provided by the seller (discussed below); and (f) parameters on which products are ranked.

Implications: Marketplace e-commerce entities with foreign investment are also subject to the conditions set out under the NDI Rules.9 The NDI Rules permit marketplace e-commerce entities to engage in support services like warehousing, logistics, call centre etc. Given that these services are seller-facing, the Rules do not take these activities into account.

Differentiated treatment: Marketplace e-commerce entities are required to disclose any differentiated treatment which it is / may be extending to goods, services or sellers of the same category.

Implications: Description of practices like premium/preferred listing, skewed search results, sponsored deals etc. will need to be disclosed in the terms and conditions governing the relationship with the sellers on the platform.

Records: To maintain a record identifying sellers who repeatedly have offered goods or services that have been removed or access to which has been disabled under Copyright Act, 1957, Trade Marks Act, 1999 or the IT Act. The marketplace e-commerce entity may at its discretion terminate access of such sellers to its platform.

Implications: The authority to terminate access of sellers compliments the provisions of the Intermediary Rules

Sellers (Rule 6)

Fake reviews: Sellers are prohibited from posting reviews posing as a customer on the offered goods / services.

Duty to take back: Sellers are obligated to take back goods or withdraw services and refund consideration if such goods and services are defective, deficient, late delivered (unless due to force majeure), different from the features advertised or spurious.

Implications: The Rules do not expressly cover this but the term 'reviews' should also include grading / ranking of products. Further, the obligation of the sellers to take back / withdraw has paved way for a new right to return / refund for the consumers, which was previously absent under the Consumer Protection Act, 1986.

Full and accurate disclosure: Provide all relevant details about the goods and services offered for sale including total price (along with breakup price such as delivery charge, applicable tax etc.), expiry date, country of origin, details of grievance officer, details of importer and guarantees relating to authenticity of the imported products, warranty / guarantee, terms of exchange, returns and refund and details of delivery and shipment.

Implications: The Legal Metrology (Packaged Commodities) Rules, 2011 ("LM Rules") which applies to labelling of products also mandates every imported product to mention relevant information pertaining to the country of origin or manufacturer or assembly on the package.15 However, in line with the vision of Atmanirbhar Bharat, the sellers are required to disclose such information and notices as required under applicable law (which will include LM Rules).

Other duties: Sellers are also required to: (a) enter into a written contract with the respective e-commerce entity for undertaking sale or offer; (b) appoint a grievance officer and ensure time-bound redressal of complaints (same timelines as e-commerce entity); (c) ensure that advertisements are consistent with actual features of the goods / services; and (d) provide all the relevant information (such as legal name, office address, email address, customer care contact number etc.) to the e-commerce entity.

Inventory E-Commerce Entity (Rule 7)

Since an inventory e-commerce entity owns the inventory (i.e. goods or services) and sells it on its platform, it has been subjected to similar obligations as that of a marketplace e-commerce entity and sellers pertaining to display requirements, fake reviews, products should be as advertised, obligations to take back or withdraw.

Additionally, an inventory e-commerce entity which vouches for the authenticity of the goods or services sold by it will be subject to appropriate liability in case of any action pertaining to the authenticity of such goods or services.

Implications: An inventory e-commerce entity will need to undertake caution in terms of the representations it makes towards the goods/services being offered. Adequate diligence will be required along with standard carve-outs in the terms of use and other conditions in order to limit their liability.

Non-compliance

Any non-compliance of the Rules will result in penalty as specified under the Act. While in certain cases (misleading advertisement, non-compliance of orders of Central Authority, injury / death of consumer) imprisonment ranging between 1 month to life (depending on the offense) has been prescribed and in other cases fine which range from INR 25 thousand to INR 5 million.

Way forward

The Rules have sought to create a consumer protection mechanism in digital marketspaces by introducing an extensive compliance framework which at several places overlaps with sector-specific rules and regulations. The Rules have compelled a re-look at the existing contractual arrangements between sellers and e-commerce entities. The contracts will need to be carefully drafted in terms of indemnity, limitation of liability after undertaking a deeper diligence by e-commerce entities to ensure continued safe harbour under the IT Act.

The Rules also require that requisite information required under applicable laws should also be disclosed on the platform. Accordingly, relevant provisions of the rules regarding packaging and labelling issued under the Food Safety and Standards Act, 2006 and Drugs and Cosmetics Act, 1940 etc. will need to be displayed on the platform as well (where applicable).

The Department for Promotion of Industry and Internal Trade has yet to release the much-awaited ecommerce policy.10 Once implemented, e-commerce entities with foreign investment will be subject to more stringent compliances (including on account of NDI Rules) in comparison to domestic entities.

Footnotes

1 The Ministry of Home Affairs Order dated 29 July 2020 has allowed all essential activities (barring a few) in areas outside containment zones. (https://www.mha.gov.in/sites/default/files/Unlock3_29072020.pdf).

2 Competition Commission of India, Market Study on E-Commerce in India (08 January, 2020), https://www.cci.gov.in/sites/default/files/whats_newdocument/Market-study-on-e-Commerce-in-India.pdf.

3 The Consumer Protection Act, 1986 has been replaced with the CPA 2019. The new legislation came into force on July 20, 2020.

4 A preliminary draft of the Rules was released in November 2019, wherein consultation from various stakeholders had been invited by December 2019. The 2019 draft of the Rules was preceded by the E-Commerce Guidelines for Consumer Protection, 2019. The present version of the Rules comprises an upgraded version of the 2019 draft rules which replaces the E-Commerce Guidelines for Consumer Protection, 2019.

5 E.g. E-Books, Music and Movies available over the internet, etc.

6 Rules, R. 2(16) defines 'e-commerce' as transacting of goods or services over digital or electronic network.

7 Consumer Protection (E-Commerce) Rules, 2020, R. 3(1)(f) and Rule 3(1)(g).

8 CPA 2019, S. 2(37) defines 'product seller'.

9 Marketplace entities with foreign investment will also need to comply with the draft E-Commerce Policy as and when published / implemented by the Department for Promotion of Industry and Internal Trade, https://dipp.gov.in/sites/default/files/DraftNational_e-commerce_Policy_23February2019.pdf.

10 Department for Promotion of Industry and Internal Trade, https://dipp.gov.in/sites/default/files/DraftNational_ecommerce_Policy_23February2019.pdf.

Originally published 19 August, 2020

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.