Digital India Act-4 :Is there only one type of Intermediary in ITA 2000?

In introducing the need for a new Act namely Digital India Act to replace the existing ITA 2000, the Government has identified 5 distinct changes in the environment since 2000 as follows.

Out of the five identified developments, it is easy to understand the numeric growth of Internet users from 5.5 million to 850 million. This is because the cost of Internet access has become very low and also the web content has become more useful. But some of the other reasons stated is not correct.

For example, ITA 2000 never stated that there is only one kind of intermediary, namely the Internet Service Provider.

In ITA 2000, the definition of Intermediary was :

“Intermediary” with respect to any particular electronic message means any person who on behalf of another person receives, stores or transmits that message or provides any service with respect to that message;

In the 2008 version, the definition was changed to the following:

“Intermediary” with respect to any particular electronic records, means any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web hosting service providers, search enginers, online payment sites, online-auction sites, online market places and cyber cafes.

Along with this definition, Section 79 spoke of the safe harbour provision, and it introduced a condition (in 2008 version) that the protection under Section 79 was available only if the intermediary does not initiate a transaction or select the receiver of the transmission and select or modify the information contained in the transmission. As a result the definition of the intermediary got altered. But since most intermediaries could not satisfy these conditions, they were practically not intermediaries.

While the definition of the Intermediary was linked to a transmission of a message and could be expanded to any service which was passive, it could not be applied for Section 79 purpose to services where there was an element of monetization which required management of the service in such a manner that the intermediary chose the receiver, the supplier and also what modifications were to be made to the message.

If therefore only the ISPs and MSPs had the pure characteristics of an Intermediary eligible for Section 79, there were many other types of intermediaries who did not come under section 79 protection because of their business model. The definition could be interpreted in such a manner that a Fintech platform could be an intermediary while the Banks/Fintech companies riding on the platform were not. A Bank could not be a beneficiary in respect of customer information since it was using customer information for its business but could be an intermediary in respect of the insurance marketing service it might have been rendering to their insurance subsidiary.

The different types of intermediaries now being identified as OTT, Gaming etc were all “Intermediaries” under the ITA 2000 and MeitY had the power to introduce due diligence obligations on them. Even services such as Domain Name Registrars, hosting companies, Cloud service providers were all “Intermediaries” under the current law and hence it is incorrect to say that there is a need to change the law because of this reason. The Government has in the past failed to assert its right to regulate the intermediaries and often catapulted under a legal challenge. It was the fear of bad media that kept the Government from introducing the required changes. Even now the Gaming Regulations are only issued for public comments and not issued as an operative direction.

As long as the Government is hesitant to make proper interpretation of the law, even if new definition of intermediaries are introduced in DIA, the law will remain unimplemented.

Discussion continues…


About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.