Intermediaries under the Information Technology Act, 2000: Concept, Scope and Liability

Intermediaries under the Information Technology Act, 2000: Concept, Scope and Liability

Introduction

Digital communication in India is architected around entities that receive, store, transmit, or provide services in respect of electronic records on behalf of others. The Information Technology Act, 2000 (“IT Act”) conceptualises such entities as “intermediaries”, granting them limited immunity (the “safe-harbour”) while simultaneously imposing statutory duties. This article critically analyses the legal construct of an “intermediary”, the evolution of its liability regime, and the doctrinal contours shaped by Indian jurisprudence, with a focus on Section 79 IT Act and leading case-law.

Statutory Framework

Definition: Section 2(1)(w) IT Act

An intermediary “with respect to any particular electronic records, means any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web-hosting service providers, search engines, online-payment sites, online-auction sites, online-market places and cyber cafés”.[1] The breadth of the definition adopts a functional rather than organisational criterion, extending to contemporary e-commerce platforms, social-media networks, and emergent service layers in the digital economy.

Safe-harbour: Section 79 IT Act

Section 79(1) exempts intermediaries from liability “for any third-party information, data or communication link made available or hosted by him”. Three cumulative conditions under Section 79(2) qualify the exemption: (a) the function must be limited to providing access to a communication system; (b) the intermediary must not initiate the transmission, select the receiver, or modify the information; and (c) it must exercise “due diligence” and comply with government guidelines.[2] Section 79(3)(b), as read down in Shreya Singhal v. Union of India[3], withdraws immunity only upon failure to remove content after “actual knowledge” through a court order or authorised government notice—eschewing private notice-and-takedown models that risk chilling speech.

Ancillary Provisions

  • Section 69A: Empowers the Central Government to direct blocking of information for specified Article 19(2) grounds; intermediaries are obligated to comply.[4]
  • Intermediary Guidelines Rules 2011 / Digital Media and Intermediary Guidelines Rules 2021: Operationalise “due diligence” (e.g., grievance officer, 36-hour takedown, traceability for significant social-media intermediaries).

Jurisprudential Evolution

Pre-2008 Amendment: Strict Construction

Early litigation such as Avnish Bajaj v. State (NCT of Delhi) (2004)[5] involved the Managing Director of Baazee.com being arrested for an obscene MMS circulated by a user. Although the court ultimately granted bail, the episode revealed the vulnerabilities faced by platform executives before the 2008 amendment enlarged Section 79’s scope beyond “under this Act” to “under any law”.

Post-Amendment & Constitutional Read-down

The 2008 amendment introduced the present safe-harbour architecture. In Google India v. Visakha Industries (2019)[6] the Supreme Court affirmed that even pre-amendment, intermediaries were not to be saddled with strict liability, and post-amendment protection extends across legal domains, subject to due diligence and Shreya Singhal procedural safeguards.

Active–Passive Dichotomy

Indian courts have borrowed from EU/US decisions to distinguish “passive” conduits from “active” participants. In Christian Louboutin SAS v. Nakul Bajaj (2018)[7], the Delhi High Court found Darveys.com to curate listings, mandate membership fees, manipulate meta-tags, and exercise control over fulfilment—activities transcending the neutral conduit role and therefore disentitling the platform from Section 79 immunity in a trademark suit. The decision introduced a functional test focusing on factual control rather than corporate description.

Doctrinal Analysis of Key Legal Points

(1) Nature of “Receiving, Storing, Transmitting”

The statutory verbs envisage technical facilitation. MySpace Inc. v. Super Cassettes Industries Ltd. (2016) held that automated transcoding and “screen-grab” creation did not amount to modification when carried out indiscriminately by algorithms, and thus did not per se defeat safe-harbour.[8] The court required specific knowledge of infringing URLs before liability attached, aligning with the “actual knowledge” threshold.

(2) “Due Diligence” Obligations

Due diligence encompasses (i) publishing rules/policies, (ii) appointing grievance officers, (iii) expeditious removal upon lawful order, and (iv) preservation of evidence. In Sabu Mathew George v. Union of India (2016) search-engines were directed to deploy proactive filters for sex-selection advertisements, demonstrating courts’ willingness to mandate ex-ante technical measures where statutory objectives so demand.[9]

(3) Cross-statutory Interface

  • Defamation (IPC ss. 499-502): Google India v. Visakha recognised that safe-harbour does not oust the IPC but conditions liability on failure to act after lawful notice.
  • Intellectual Property: Section 81’s non-obstante clause ensures the Copyright Act and Trade Marks Act operate notwithstanding the IT Act; courts therefore examine Section 79 first, and if immunity is lost, adjudicate infringement. The Christian Louboutin and MySpace line of cases embody this two-step analysis.
  • Consumer Protection: Recent consumer fora decisions (Ushang Parekh v. Flipkart, 2024; Akshat Sharma v. Appario Retail, 2024) illustrate plaintiffs invoking privity of contract and e-commerce rules to overcome intermediary defences when the platform handled payments or logistics.
  • Criminal Procedure: High Courts (e.g., Kunal Bahl v. State of Karnataka, 2021)[10] routinely quash proceedings against marketplace directors unless material indicates complicity beyond platform provision, invoking Section 79 read with CrPC s. 202 inquiry obligations.

(4) Actual Knowledge Standard Post-Shreya Singhal

The Supreme Court’s constitutional reading prevents private individuals from coercing takedown through mere notice; only a court or authorised government agency can trigger liability. This calibrates intermediary responsibilities with free-speech values and avoids deputising platforms as “super-censors”. Subsequent cases (Google India v. Visakha; Ajit Mohan v. Legislative Assembly of Delhi, 2021) reaffirm the distinction between Section 69A blocking (executive discretion) and Section 79 takedown (reactive compliance).

Sector-Specific Applications

Trademark Infringement

Christian Louboutin imposed affirmative duties: disclosure of sellers, contractual warranties of authenticity, and removal of infringing meta-tags. The ruling signals heightened scrutiny for luxury goods marketplaces where brand dilution risks are acute.

Copyright Infringement

The MySpace division bench harmonised Section 79 with Copyright Act s. 51(a)(ii), insisting on “specific knowledge” of URLs before takedown. Overbroad injunctions were set aside to preserve platform functionality and user rights.

Defamation & Reputation

In Google India v. Visakha the Supreme Court declined to quash defamation proceedings at the threshold, emphasising that whether Google had “knowledge” was a factual issue. Nonetheless, it reiterated that, absent court-directed notice, immunity subsists.

Consumer Disputes

District fora have been divided: while some dismiss claims against platforms citing intermediary status, others—especially where the platform processed payments or logistics—treat it as part of the supply chain, invoking the Consumer Protection (E-commerce) Rules 2020 which distinguish “marketplace” and “inventory” models. These divergent outcomes underscore the fact-centric nature of intermediary defences.

Policy Considerations and Comparative Insights

The Indian model mirrors the EU e-Commerce Directive’s conditional safe-harbour and the US Digital Millennium Copyright Act’s notice-and-takedown, yet departs by requiring governmental or judicial notice post-Shreya Singhal. Critics argue this may slow removal of harmful content; proponents contend it guards against over-compliance. Recent draft amendments propose trusted flaggers and 72-hour turnaround, evidencing a trend towards co-regulatory hybridity.

Conclusion

The definition of “intermediary” under the IT Act is intentionally capacious, recognising the fluidity of technological roles. Indian courts have progressively refined the liability matrix: Avnish Bajaj highlighted vulnerabilities, the 2008 amendment extended statutory immunity, Shreya Singhal installed constitutional guardrails, and sector-specific decisions (Christian Louboutin, MySpace, Google India v. Visakha) operationalised nuanced tests of active participation, due diligence, and actual knowledge. The emerging jurisprudence seeks equilibrium—fostering innovation and free expression while safeguarding rights holders and consumers. Future legislative reform must continue to calibrate this balance, clarifying procedural triggers, standardising due-diligence benchmarks, and harmonising overlaps with specialised regimes such as consumer protection and intellectual property.

Footnotes

  1. Information Technology Act 2000, s. 2(1)(w).
  2. IT Act 2000, s. 79(2); see also Information Technology (Intermediary Guidelines) Rules 2011.
  3. Shreya Singhal v. Union of India, (2015) 5 SCC 1.
  4. IT Act 2000, s. 69A; Government of India, Blocking Rules 2009.
  5. Avnish Bajaj v. State (NCT of Delhi), 2004 SCC OnLine Del 1160.
  6. Google India Pvt. Ltd. v. Visakha Industries, 2019 SCC OnLine SC 1587.
  7. Christian Louboutin SAS v. Nakul Bajaj, 2018 SCC OnLine Del 12215.
  8. MySpace Inc. v. Super Cassettes Industries Ltd., 2016 SCC OnLine Del 6382.
  9. Sabu Mathew George v. Union of India, (2016) 9 SCC 725.
  10. Sri Kunal Bahl v. State of Karnataka, 2021 SCC OnLine Kar 15706.