IT’s Intermediary Guidelines, 2021: Willful blindness and lack of proactive steps will deny safe harbour


On February 25, 2021, India replaced the IT Rules 2011 with the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021.

As the name suggests, the new rules focus on greater ethical obligations by intermediaries. A significant section of these rules is dedicated to regulating intermediaries in the news and media space.

However, this post focuses on their impact on the ‘traditional’ e-commerce and related areas.

The intermediary model

A key constant in the story of human evolution has been new technology replacing old models with new ones. With the internet, came the intermediaries (in entirely new, and rapidly evolving avatars).

For the most part, the majority saw intermediaries as making things convenient for businesses and consumers. Any wrongdoing by businesses on the intermediary’s platform should not get the neutral, hands-off intermediary in trouble.

Thus, the concept of safe harbour was introduced in a number of countries.

Intermediaries and IP owners – Trading blows

Cut to just a few years ago, and the situation changed dramatically.

Intermediaries are the order of the day (search engines, ISPs, aggregators, content curators etc.) with business vying for greater visibility on intermediary platforms, to increase sales, customers, etc. A growing number of users are duped by counterfeits, or get entangled in job scams, fake advertisements, etc.

So, we’ve got a divided house. While safe harbour is critical to sustaining the intermediary model and the e-commerce space, brand owners and lawmakers repeatedly petitioned for proactive measures by intermediaries to minimize unlawful acts on their platform.

In contrast, intermediaries cried foul and claimed that anything other than a pure hands-off approach will require them to police or pre-screen content on their platform, which was antithetical to the basic fabric of being “intermediaries”.

But must an IP owner divert its energy to screening myriad intermediary platforms, just to notify each platform that it needs to de-list infringing content? Is that burden reasonable or too onerous?

Regulating responsibility: The legal regime in India

The prior regime in India

In India, Section 79 of the Information Technology Act, 2000 and IT (Intermediary Guidelines) Rules, 2011 regulated the duties and liabilities of intermediaries.

In a nutshell, in order to claim safe harbour, an intermediary had to refrain from involvement in creation or transmission of third-party content on their platforms. Moreover, it had to publish policies on its platform informing its users inter alia not to infringe IP rights or post misleading content.

So long as these steps were taken, rampant violation of its policies by users would not attribute liability to an intermediary.

Case law

A number of judicial decisions in India in cases brought by IP owners saw the intermediary being directed to take down infringing content and follow standard notice-and-take-down measures, most notably among them, perhaps, being MySpace Inc. v. Super Cassettes Industries Ltd. 2017(69) PTC1 (Del).

But, as legislation limited an intermediary’s duties to these acts, courts usually did not entertain claims by IP owners which called for an intermediary to screen and police its platform to prevent future infringement.

Courts were alive to the advantage taken by miscreants and counterfeiters of an intermediary’s hands-off stance. In some strong decisions, including Christian Louboutin SAS v. Nakul Bajaj, 2018 (76) PTC 508 (Del); M/s L’OREAL v. Clues Network Pvt Ltd, CS (COMM) 980 of 2016; and Skull Candy v. Clues Network, CS (COMM) 986 of 2016, the Single Judge of the Delhi High Court ordered particular intermediaries to take inter alia the following steps to reduce counterfeiting:

  • Disclosure of seller details
  • Assurance from sellers that goods are genuine, failing which goods would not be listed.

Two out of three decisions were reversed in appeal, for procedural reasons, as the Appellate Court had held inter alia that the court ought not have denied safe harbour without trial.

The new Intermediary Guidelines, 2021

Though all criteria from the previous regime have been retained, some crucial additions are as follows with respect to “significant social media intermediaries”, i.e., those with at least 5 million Indian users

  1. Provide details of users for identity verification of users engaging in infringement, after a court order [Rule 3(1)(j)];
  2. Deploy automated tools to block future content, which has already been determined to be ‘infringing’ by a court of law. Periodic review and human oversight to be done [Rule 4(4)];
  3. Enable users to verify their accounts, through means including a mobile number. Verified profiles to be identified for other users to see [Rule 4(7)]; and
  4. Loss of safe harbour if guidelines not followed [Rule 7].

Concluding thoughts

The onus on the intermediary for taking proactive steps is reminiscent of international decisions which have held:

  1. Intermediaries who know that their platform is used to perpetrate infringement must deploy keyword filters, web-crawlers and automated tools to weed out infringing content.
  2. When infringement has been recognized by the court, the intermediary must deploy tools to prevent identical or similar content from being uploaded in future, subject to minimal human involvement and respecting free speech.

Though it remains to be seen how strong the enforcement of the new regime is, it is clear that these guidelines introduce change to make buck stop with intermediaries in select situations.

This article was first published on the AsiaIP website.