|
It's been some time around since India has embarked on its cyber journey.
However, only recently did we see the invocation of the law when Bazee was
booked for running a website that contained objectionable third party content.
The last few days have seen the media being dominated by various developments
that relate to the MMS-Baazee.com case. The arrest of Baazee.com's CEO has
brought into sharp focus the gaping holes in India's cyber law, namely IT Act
2000. In this case, the IT Act has been used for booking a website, for
allegedly obscene electronic information posted on it and making it liable for
the same within Section 67 of the IT Act 2000.
The law does not talk about a website but only defines a "network
service provider (NSP)" as including any intermediary. On the liability of
NSP, Section 79 of the IT Act states that for the removal of doubts, it is
hereby declared that no person providing any service as a NSP shall be liable
under this Act, rules or regulations made therein for any third party
information or data made available by him if he proves that the offence or
contravention was committed without his knowledge or that he had exercised all
due diligence to prevent the commission of such offence or contravention.
I believe that Section 79 which talks of on the has not been drafted in a
crystal clear manner. The real import of Section 79 is also that barring the two
conditions stipulated therein, NSP shall be liable for all third party
information or data made available by them.
Further, the definition of a NSP under the said provision is extremely wide,
so as to include all kinds of not just Internet Services Providers but also
mobile services providers, value-added services providers, certain categories of
content service providers and many others (anyone who is an intermediary on the
network).
Further, the law does not stipulate how to prove the absence of knowledge of
a NSP. The law puts the burden of self-defence on the NSP.
The laws of some nations seek to make the network service providers liable
for third party data or information made available on their service. I am of the
opinion that in the long run, this principle is not likely to hold any nation in
good stead. NSP, by the very intrinsic nature of their work, cannot practically
know about each and everything available on their network. Making NSP liable for
things over which they may have no control is not only going to be unfair but is
also going to hurt the service provider industry in the long run.
In the West, NSP are normally not liable for third party information or data.
If anybody finds anything objectionable on their site or service, he must report
the same to the provider. If the NSP fails to remove the said objectionable
material within a reasonable time from his service, his liability under the law
begins and not otherwise. This, I believe, is the more prudent way to approach
the issue of liability of NSP.
Therefore it is essential to lay down the rules in clear terms and specify
the standards of Due Diligence rather than leaving the same to the
interpretation of law enforcement agencies. Such standards would enable the
industry to comply with the same and would, in turn, ensure the smooth running
and implementation of the Indian cyber law.
While the Government has indicated its intention of coming up with new legal
provisions on this subject, till such time as this law is not amended, all NSP
must ensure compliance with provisions of the IT Act 2000 and its various rules,
regulations and notifications. For the present, the only "Nirvana" for
NSP lies in complying with the necessary and mandatory provisions and
requirements of the Indian cyber law.
I am of the opinion that the MMS Bazee.com case should serve as a wake up
call for all NSP and IT companies who find that they are covered under this
definition, to ensure proactive compliance with the law.
Compliance, Compliance, Compliance!!! This alone is the mantra for the Indian
IT and BPO Sector.
Pavan Duggal
Page(s) 1
| 
Print
Comment
Email
Digg
Del.icio.us
Reddit
Twitter
