ISPs AND THEIR ROLE IN COMMUNICATION ON THE INTERNET

ISP is an entity that connects people to the Internet and provides other allied services such as Web site building and
hosting. An ISP has the equipment and the telecommunication line access required to have a point of presence on the
Internet for the geographic area served.

Various kinds of intermediaries are involved in delivering content online to end-users, as making a work available over
the Internet will involve a chain of intermediaries. A person who is desirous of launching a Web site will first obtain an
account with a hosting service provider and then will upload Web pages onto his Web site which is physically located on
the host’s ‘server’ - which could best be described as a very large hard disk that is directly accessible on the Internet.
Upon storage on the server the uploaded documents become instantly available to everyone with a connection to the
Internet. An access provider, in turn, provides access to the Internet. On the way from host to access provider to end
user the transported content passes through the infrastructure of a network provider, who, apart from providing the
physical facilities to transport a signal, will also transmit and route it to the designated recipient.

It is common for a single legal entity to provide a complete range of these services. ISPs are instrumental in transmitting
or disseminating third party content, but neither initiate nor take any part in a decision to disseminate particular
material. The two main services provided by ISPs are:

a) Web site building and hosting; done by an entity that provides space and management for individual or business Web
sites; and

b) Access providing; done by an entity that arranges for an individual or an organization to have access to the Internet.

VARIOUS APPROACHES FOR DETERMINING

THE LIABILITY OF ISPs

The liability of ISPs may arise in a variety of legal fields, such as tort law, criminal law, trade secret law, copyright law,
trademark law, unfair competition law, etc. Worldwide many countries have tried to define the liability of ISPs in
disseminating third party content. Many of these national laws relate to criminal law, information technology law or
copyright law. These statutes have tried to solve the problem by adopting either of the two approaches; horizontal
approach or non-horizontal approach. The horizontal approach covers not only copyright infringement but also all other
potential areas of law where liability of ISPs might arise. It fixes the liability regardless of the grounds for illegality of the
transmitted material. Whereas, under non-horizontal approach the potential liability of ISPs is determined under each
law where it might arise. In this case various statutes would determine ISP liability; for example, adopting non-
horizontal approach the copyright statute would address ISP liability that might arise only in relation to copyright
violations. India The Information Technology Act, 2000 (IT Act) deals with the internet related issues. It deals
comprehensively the issue of ISP liability and lays down the guidelines to be followed during functioning as service
provider.

Horizontal Approach

In this manner the liability of ISPs is determined at one place in a single statute. There are laws now in force in Germany,
Sweden, Japan, etc. which approach the issue from a horizontal perspective. Horizontal approach functions through the
filtering mechanism i.e. first; the ISPs are made liable according to the general provisions of law related to the conduct
of the ISP in question. That means if the ISP is accused of defamation then he shall be tried according to the defamation
laws and if the ISP is accused of copyright violation then his liability will be determined as per the provisions of the
copyright law. Further, in case an ISP is held guilty say under copyright law then his liability is screened or ‘filtered’
through the exemptions granted to the ISPs under the specific provisions created under a particular statute.

Non-horizontal Approach

Under non-horizontal approach the potential liability of ISPs is determined under each law where it might arise. In this
case various statutes would determine ISP liability; for example, adopting non-horizontal approach the copyright statute
would address ISP liability that might arise only in relation to copyright violations. The alternative approach of
implementing copyright-specific laws to determine online ISP liability, has been adopted by some countries such as
Hungary, Ireland, Singapore and the United States of America. We will consider here the approach adopted by USA.

In order to limit the liability of ISPs, the United States of America amended its Copyright Act in October 1998 by enacting
the Digital Millennium Copyright Act (DMCA) which adds a new section 512 to chapter 5 of the US Copyright Act. It
establishes ‘safe harbours’ to shelter ISPs from liability for copyright infringement in certain circumstances.

The DMCA does not define when an ISP is liable for copyright infringement and, in this respect the existing principles of
the US copyright law would apply. But the DMCA sets down guidelines with respect to copyright infringement online
and specifically states four circumstances where ISPs are exempt from liability for damages.

These four categories of activities are:

1) Transitory digital network communications;

(2) System caching;

(3) Storing information on systems or networks at direction of users;

(4) Information location tools.

Further these limitations would apply provided: the ISP is merely acting as a ‘passive

conduit’, for the information, is not the producer of the information, and has responded

expeditiously to remove or disable access to infringing material upon notice from the

copyright holder (the so-called ‘notice and take down’ provisions).

The ‘notice and take down’ procedures provide that when a copyright owner becomes

aware of infringing material or infringing activity residing or taking place on an ISP’s

system or network that copyright owner may notify the ISP of the infringement and

require the ISP remove or disable access to the infringing material or activity. Upon

receipt of a notification, an ISP will have to take down the material stored on its

servers or stop access to the notified infringing material. The ISP in this case will be

exempt from liability to its subscribers for its good faith removal of or disabling

access to allegedly infringing content residing on its server at the direction of the

subscriber. Under the protections afforded by this section of the DMCA, ISPs may
act on their own initiative or in response to customer or other third-party complaints

to remove or disable access to content believed to be infringing without fear of being

held liable for a legal claim made by the person whose material has been removed or

access disabled. This exemption applies to any claim that could conceivably be

made against an ISP for removing or blocking access to content, such as tort or

breach of contract claims.

This exemption only applies with respect to material residing at the direction of a

subscriber, however, if the ISP “takes reasonable steps promptly to notify the

subscriber that it has removed or disabled access to the material” and thereby allows

the subscriber to respond to the infringement alleged in the notification. A subscriber’s

response is referred to in the statute as a “counter notification”.

Upon receipt of a counter notification, an ISP must promptly provide the original

complainant with a copy of the counter notification and inform him that it will replace

the removed material or cease disabling access to it within ten business days. The

original complainant has to file a suit within the ten-day period to obtain a court

order restraining the subscriber from engaging in infringing activity if it wants to

prevent access to the material from being restored.

SP LIABILITY FOR COPYRIGHT

INFRINGEMENT: INDIAN POSITION

13.5.1 ISP Liability under the Copyright Act, 1957

The Copyright Act, 1957 was obviously drafted in complete oblivion of the

phenomenon called the Internet. Even after its latest amendments it does not contain

any express provision for determining or limiting ISP liability. However, some

provisions in the Act could be interpreted to have some bearing on the liability of

ISPs. As per section 51 (a)(ii), copyright in a work shall be deemed to be infringed,

When any person, without a licence granted by the owner of the Copyright or the

Registrar of Copyrights under this Act or in contravention of the conditions of a

licence so granted or of any condition imposed by a competent authority under this

to the public where such communication constitutes an infringement of the copyright

in the work, unless he was not aware and had no reasonable ground for believing

that such communication to the public would be an infringement of copyright.

Materially for our purposes section 51 (a)(ii) can be broken down into two parts:

z Permits for profit

z Any place

ISPs allow their servers and other telecommunication facilities for storing user’s

material and for transmitting that material. The computer servers and other

telecommunication facilities are actually located at their business premises and hence

they would readily come under the expression “any place” and could be held liable

for the infringing activities of third parties whose material they store or transmit if

other requirements are fulfilled. Further, the expression “permits for profit” means

that to be held liable the activities of ISP should be for profit meaning thereby that he

should be financially benefiting out of the infringing activities. ISPs normally charge

for their services and even if they offer some services for free, they could indirectly

be making profit out of it, for example, from advertisements that they bundle together

with the transmitted material. So, the above two requirements are fulfilled by ISPs

for most of their activities in case they transmit or store infringing material.

Can an ISP be held primarily or secondarily liable for his contribution to copyright

infringement, and if so, under what circumstances? Interestingly, many copyright

statutes the world over distinguish between so-called primary and secondary liability.

In principle, primary infringers are strictly liable. Secondary infringers, such as mere

distributors and organizers of performances, are considered copyright infringers only

if they knew or had reason to believe that they contributed to an infringement. Thus,

presence of some form of fault is necessarily included in the notion of secondary

liability. Though the Copyright Act does not specifically divide liability into primary

and secondary, it could easily be concluded that ISPs could be held only secondarily
liable for the infringing activities of their users because their liability has been based

on the knowledge of the infringement. The expressions used in section 51(a) (ii) “not

aware” and “had no reasonable ground for believing” make it amply clear.

13.5.2 ISP Liability under the Information Technology Act, 2000

In India the provisions relating to the ISPs are specifically legislated in the IT Act,

2000 where an Internet Service Provider is referred to as Network service provider

and Explanation (a) to s. 79 defines it as:

“Network service provider” means an intermediary.

Intermediary again has been defined under section 2(w) as:

“Intermediary” with respect to any particular electronic message means any person

who on behalf of another person receives stores or transmits that message or

provides any service with respect to that message.

Further the Act contains in section 79 a clause which limits the liability of ISPs under

certain circumstances:

Network service providers not to be liable in certain cases.

For the removal of doubts, it is hereby declared that no person providing any service

as a network service provider shall be liable under this Act, rules or regulations

made there under for any third party information or data made available by him if he

proves that the offence or contravention was committed without his knowledge or

that he had exercised all due diligence to prevent the commission of such offence or

contravention

Cyber defamation

Section 66A of IT Act deals with defamatory statement and makes it an offence punishable with 3 years of imprisonment
and fine. As per section 79 of the Act generally ISPs are made responsible for the third party information, data, or
communication link made available or hosted by him.38 The Act further exempt ISPs from liability on fulfillment of the
conditions i.e., (a) he did not initiate the transmission, (b) did not selected the receiver of the transmission and (c) did
not select or modify the information in the transmission. Till the time ISP acts as passive carrier of the information and
remains neutral to information circulated he is exempted from any liability. He can be held liable if at any time he has
power of the controller, supervise dissemination of information. Upon receiving the take down notice for withdrawing
the information or blocking it, the ISP is required to act expeditiously as per the law prescribed and act within specified
time of 36 hours.

Privacy and Data protections

Due to widespread use of internet as facilitator of transmission and storing information, the issue of privacy data
protection has gained prominence. Privacy has not been defined under the IT Act, however the Rules 40 defined the
sensitive information and private information. Under Section 43A of the IT Act imposes penalty and compensation in
case failure to protect data by a body corporate. It is the duty of the body corporate possessing such sensitive
information to maintain reasonable security measures and procedure. In case of failure to observe it, the body
corporate is liable to pay compensation to the persons affected. During the course of providing connectivity to users,
ISPs as body corporate collect information of private nature. With regard to it they should maintain reasonable standard
of security and procedure to deal with it. They may also liable under Section 79, if they conspired or abet or aid or
induce, by means of threats or promise or otherwise commence the unlawful act, or after receiving knowledge of
wrongdoing or notified by the appropriate government, the ISP fails to remove or disable access to that material.

Copyright Protection

The peer to peer file sharing system violates the copyright of owners, if the proper authority of the owner is not taken in
this regard. The entertainment industry i.e.,music and cinematography industry are the most affected parties. New
movies, songs, music album etc. get published and circulated among the users of net with the help of various online
website facilitating transmission and storage facilities like bit torrent, pirate bay etc. affecting the economic rights of
rightful owners. Therefore, to deal with it now the trend followed by the parties who apprehend the copyright
infringement of their work to get an ex-parte interim injunction order in the form of “Ashok Kumars” or “John doe” at
the time of release of movie. The injunction order restrains any websites or intermediaries from providing a platform for
infringement of copyright.

The specific legislation in the form of Indian Copyright Act, 1957 (ICA) deals with the concept of infringement under
Section 51. As per it, if any person without a license or consent of the rightful owner of copyright work or the registrar of
copyright or in contravention to license granted under the Act (a) does anything which is the exclusive right of the
owner of the work, or (b) permits for profit any place to be used for communication of work to the public, then it
amounts to copyright infringement. The first point deals with the primary infringement and the second points focus on
the secondary infringement of copyright work. Depending on the nature of ISPs in providing services to the users the
liability under the Act will be decided. The ISPs which only provide the access service or webhosting facility to users are
of the secondary infringement as they provide the technological means to exploit the work.

The ICA under section 51 and 52 reading together exempt ISPs from some cases of copyright infringement under some
conditions as follows:

i. If the person violating the copyright had no reasonable grounds to believe that such communication to the public
would be an infringement.

ii. The transient or incidental storage of a work or performance purely of technical process of transmission or
communication to public;

iii. The transient or incidental storage of a work or performance for the purpose of providing electronic links, access or
integration, where such links, access or integration has not been expressly prohibited by the right holder.
iv. If the intermediary responsible for such storage has received a written complaint from the owner of work, the
intermediary should stop facilitating work for a period of 21 days or until he receives an order from a competent court
in this regards.

Further Section 79 of the IT Act limits the liability of the Intermediary/ISP. As per it an intermediary shall not be liable
for third party information data or communication link made available or hosted by the intermediary, if;

1. The function of intermediary is limited to provide access to a communication system on which the third party is
transmitting information; or

2. The intermediary does not (a) Initiate the transmission, (b) select the receiver of the transmission, and (c) select or
modify the information contained in the transmission.

3. The intermediary maintain due diligence while discharging his duties. The third part of section 79 illustrate the
situation when an ISP may be held liable i.e.,

i. If the intermediary conspired or abet or aid or induce, by means of threats or promise or otherwise commence the
unlawful act,

ii. After receiving knowledge of wrongdoing or notified by the appropriate government, the ISP fails to remove or
disable access to that material.

In pursuance to the Section 79, the IT Act in detail framed the Rules to maintain the level of due diligence in The
Information Technology (Intermediary Guidelines) Rules, 2011. The Rule requires the ISP to maintain the due diligence
while discharging the duties of ISP as follow:

1. It prohibit the user not to host, display, upload, modify, publish, transmit any information which (a) belongs to others;
(b) grossly harmful, defamatory, obscene, pedophilic, violate the privacy, racial, ethnical in nature; (c) harm minors;
(d)infringes or violate the Intellectual Property Rights; Violates any other laws; (e)Deceives or misleads the addresses
about the origin of information; (f) imposter others; (f) contain software virus; (g) threatens the unity and integrity of
the country;

2. ISPs shall publish rules relating to their Privacy regulation.

3. ISPs to act within 36 hours to disable the information if they acquire the knowledge that the information contained
therein is of the above categories. Further, the information is to be preserved as records for 90 days for investigation
purpose.

4. In case of non compliance with the intermediary rule and rule according the guidelines the ISPs can terminate the
access of usage rights of the user to the computer resource of intermediary.

5. ISP shall cooperate with the Government Agencies who are lawfully authorized for investigation, protective, cyber
security.

The Court has limited exposure to ISPs related cases. In the case of Super Cassettes Industries ltd. v. Yahoo Inc. &
Another, the High Court ordered the defendant restraining it or its agents, representatives from reproducing,
adaptation and distribution of music in any of their website. The defendant in this case was streaming the songs of the T
Series and making available the public on their website <www.video.yahoo.com>. Similar orders were passed by the
High Court in the case of Super Cassettes Industries Ltd. v. You Tube & Google SCIL51. The court gave the interim relief
to Super Cassettes by restraining Indian website from streaming audio and video content from some movie for which T
Series has music rights.
Delhi High Court in the case of Super Cassettes Industries Ltd. v. MySpace Inc. and Anr., decided a cross border violation
of copyright by website on foreign territory. MySpace, a Social media being based on US shared the music of Super
Cassettes on their websites. Plaintiff filed case at Delhi High Court for copyright infringement. The Court settled the
jurisdiction issue in favour of High Court after interpreting Section 62 of Copyright Act in favour of the Delhi High Court.
Applying the Indian Copyright Act, the court decided that MySpace violated the copyright of Super Cassettes as it
allowed the work to be made available for download at subscription fee from their websites.

Summary

1. ISPs plays important role in the development of Internet. They set the net of networks. They provide users various
services like accessing, transmission and storing of information.

2. The Information Technology Act, 2000 provides a list of eight intermediaries. ISP is one important intermediary. The
Act does not define ISP and give any hint as to how it is different from others.

3. There are various arguments for and against setting the liability of ISPs for the third party activities. Economic
viability, physical presence and sharing technology are the decisive factors in shifting the liability towards ISPs.

4. States follow the horizontal or non horizontal approach to set liability under various legislations. European Union
follows the horizontal approach and has a comprehensive legislation i.e., Directives of Ecommerce on the issue of ISPs
liability. USA follows the non horizontal approach and therefore the issues of liability of ISPs are dealt under various Acts
as per the specific requirement.

5. For copyright violation the Indian Copyright Act has specific provision for ISPs liability.

6. Indian Information Technology Act 2000 under section 79 deals with the exemption of liability of ISPs on the
fulfillment of specific conditions.

7. The Information Technology (Intermediary Guidelines) Rules, 2011 are framed to guide the ISPs regarding due
diligence to apply in case of their functioning.