Protection of Copyright In The Digital Age: The Role And Liabilities of ISPs In India
Infringement of Copyright is not a new concept. However, in the current digital age, online protection of copyrights has become the foremost aspect of copyright protection. This essay shall deal with online copyright infringement and the corresponding liability with respect to Internet Service Providers (ISPs), the fundamental character in online copyright infringement.
In recent years, European and American courts have witnessed several cases where Internet Service Providers (ISP’s) and such internet carriers have been sued for a variety of issues relating to copyright, invasion of privacy, defamation, etc. In such cases, difficulties usually arise from the fact that intellectual property rights are traditionally bound by territorial limitations which further become vague and complex when it comes to the internet, resulting in confusion and conflict of law. The law on the liability of Internet Service Providers (ISPs) is yet to be applied in the Indian context. The Copyright Act, 1957 specifically excludes the recognition of copyright and other similar rights apart from those recognized under the Act. There is thus no common law copyright in India and no place for applying tort law principles to find ISPs liable, as has been the position in the United States.
ISP Liability In India:
In India, the approach of the law with respect to ISP liability is vertical. This means that the liability of an alleged infringer would depend on the area of law applicable for the particular type of infringement. This approach has led to the establishment of liability of ISPs under the Copyright Act and the Information Technology Act, which are discussed below:
1. Indian Copyright Act, 1957:
The Indian Copyright Act, 1957 was modelled after the British Copyright Act of 1955. The Indian legal position in this regard reflects the British position in the CBS Songs Case, which disallows the application of the tort law principles of contributory and/or vicarious liability, but allows a copyright infringement claim with respect to a breach of authorization rights.
The Indian Copyright Act was drafted at time when the significance of the internet as it is today was obviously not anticipated. It evidently has no mention of the liabilities for ISPs in Copyright Infringement cases as such. Though the Act has been amended in 1994 and 1999, it still does not contain any express provision for determining or limiting ISP liability. Even so, the careful choice of language has allowed it to be technologically neutral, as well as open to interpretation. This shall be clear from the following provisions, which could be interpreted to have bearing on the liability of ISPs to a certain extent,
As per Section 51(a)(ii) of the Copyright Act;
“Copyright in a work shall be deemed to be infringed, when any person, without a licence granted by the owner of the Copyright or the Registrar of Copyrights under this Act or in contravention of the conditions of a licence so granted or of any condition imposed by a competent authority under this Act permits for profit any place to be used for the communication of the work to the public where such communication constitutes an infringement of the copyright in the work, unless he was not aware and had no reasonable ground for believing that such communication to the public would be an infringement of copyright.”
Now ISPs allow their servers and other telecommunication devices to store and transmit their users’ data across the network. These servers and devices however are physically present in the business premises of the Service Provider. Hence they would come under the expression “any place” as mentioned in the Act and be held liable for storing and transmitting infringed third party data if the other requirements are fulfilled. Moreover the expression “permits for profit” is also of much importance. Hence to be liable the ISP must be benefitting financially from the infringing activities. ISPs earn from not only their service charges but also from advertising. Now if they offer some service for free, say illegal copyrighted material, they still profit from it through the advertisements that are bundled along with it.
Hence if the ISPs do transmit and store infringed material, they could still be liable if they fulfil the above two requirements. Moreover, if the mentioned requirements are fulfilled they may also be liable criminally under Section 63 of the Copyright Act, which states;
“Any person who knowingly infringes or abets the infringement of,
(a) the copyright in a work, or
(b) any other right conferred by this Act,
shall be punishable with imprisonment which may extend to one year, or with fine, or with both.”
Finally the expression, ‘unless he was not aware and had no reasonable ground for believing that such communication to the public would be an infringement of copyright’. This expression is crucial in the sense that the liability is constituted only if the ISPs have the knowledge of the infringing material stored or being transmitted through their servers. Hence the only exception to this liability is for the ISPs to prove that they did not know that their activities were causing harm to the copyright owner.
2. Information Technology Act, 2000
In India the provisions relating to the ISPs are to an extent legislated in the IT Act, 2000 where an Internet Service Provider is referred to as “Network service provider”. According to S. 79 (a) of the Act a Network Service Provider means an “Intermediary”. An Intermediary again has been defined under Section 2(w) as “any person who on behalf of another person receives, stores, or transmits that message or provides any service with respect to that message.”
Further, Section 79 in Chapter XII of the Act, which deals with cases where Network Service Providers are not to be liable states:
“For the removal of doubts, it is hereby declared that no person providing any service as a network service provider shall be liable under this Act, rules or regulations made thereunder for any third party information or data made available by him if he proves that the offence or contravention was committed without his knowledge or that he had exercised all due diligence to prevent the commission of such offence or contravention”.
Section 79 thus absolves the liability of the ISP if it can prove that firstly, there was no knowledge of the alleged infringement, and secondly, due diligence was taken to prevent such infringement. It can be well construed that the intention of this piece of legislation in this section is aimed at providing immunity to ISPs. This immunity is absolute if the ISP can prove any of the above, namely lack of knowledge and due diligence. If the ISP has notice of the fact that the data passed through its servers or stored in them likely infringes the copyright of another, he is deemed to have ‘knowledge’ about it and is under obligation to employ appropriate measures to prevent the same. Further the expression ‘due diligence’ is also included in the section. The degree of diligence would be judged by reasonable standards expected of a person who is aware of an illegal activity taking place or likely to take place. This has left the concept of liability in India a very vague and limited.
Therefore, to put it in a nutshell, the major limitations of the Indian law when it comes to address the problem of online copyright infringement are;
(a) The vague provisions of section 79 of the IT Act, which leave enough scope for authorities to harass ISPs in matters where their liability comes into question.
(b) The expression “due diligence” is pivotal in deciding the liability of ISPs. Unfortunately the term has not been defined in the entire Act. This creates confusion and ambiguity among the ISPs as to the exact interpretation of ‘due diligence’.
(c) Neither the Copyright Act nor the IT Act classifies or defines an ISP. ISP liability, if included within the IT Act, is erroneously same for one who acts as a mere communication carrier such as telephone network operators, and one who is responsible for transfer of data via the internet. It is therefore imperative that the difference is made clear and that these two entities (Network Providers & Internet Service Providers) are classified accordingly.
ISP Liability In The USA And Europe:
In the USA and Europe, wherever lawsuits questioning the liability of the ISP have come up, the two common grounds of defence have been the following:
(a) Firstly, ISPs claim that they are just “passive carriers” and they play the role of a mere messenger and not as of a publisher. In the case Fonovisa v Cherry Auctions, the court had said that “supplying the site and facilities for direct infringement is ‘materially contributing’ to the infringing conduct and must attract liability”. However in the case Sony v Universal Studios the court rejected the proposition and held that “merely providing means to accomplish infringing activity was not sufficient without constructive knowledge of the infringing activity”.
(b) Secondly, it is impossible to ensure that all the data flowing through its servers does not infringe any person’s copyright. Given that the quantum of data passing through their systems is colossal, it is highly impracticable to expect ISPs to be able to screen the content in entirety. Moreover even post screening, 100% accuracy cannot be achieved so as to prevent every single instance of copyright infringement. In the case Religious Technology Service Centre v Netcom, the court held that information providers only offer an opportunity to publish and are unable to exercise any influence on, or what people say on the internet.
We thus see that the two basic defences argued by the ISPs are the fact that they are just passive carriers of data and are in no way materially involved in the conduct of infringement and secondly that it is practically impossible to screen all the data passing through their servers.
In the United States the law regarding online copyright infringement is dealt with in the Digital Millennium Copyright Act (DCMA), in effect from 1998. Title II of the DCMA, cited as the “Online Copyright Infringement Liability Limitation Act” (OCILLA) lays down the limitations on the liabilities for online copyright infringement. Furthermore, section 512 of the Act provides for limitation of liabilities online. Each of the limitations in the act restricts monetary damages while restricting the availability of injunctive relief in various respects. The OCILLA creates a safe harbour for Internet Service Providers, provided they adhere to certain guidelines set for them. They are protected from copyright liability if they block allegedly infringing material on receipt of notification from the copyright holder. Further, OCILLA has provisions for counter-notification, wherein they (Service Providers) are harboured from liability to their users upon notice from such users claiming that the alleged material in question does not constitute infringement.
Another aspect to be taken into consideration is the concept of Digital Rights Management (DRM). DRM is a class of access control technologies that are used by hardware manufacturers, publishers, copyright holders and individuals with the intent to limit the use of digital content and devices after sale. These techniques allow intellectual property rules to be embedded directly in the infrastructure of online content distribution. Current DRM technologies seek to foreclose violations of intellectual property rights by restricting users’ interactions with online content.
In the European Union, the liability regarding Internet Service providers are laid down by the Directive on e-Commerce of 2000. The Electronic Commerce Directive, adopted in 2000, sets up an Internal Market framework for electronic commerce, which provides legal certainty for business and consumers alike. It establishes harmonised rules on issues such as the transparency and information requirements for online service providers, commercial communications, electronic contracts and limitations of liability of intermediary service providers. The Directive provides for both absolute and qualified exemption from liability for service providers. Article 12 of Section 4 of the Directive lays down the rules wherein if the role of the service provider is merely of a conduit, the exemption from liability is absolute, hence absolving the service provider from any liability for the conducts of its users.
Both the United States and the European Union give certain protections to internet service providers as well as content providers. As hitherto mentioned, no liability is imposed on them unless service providers are expressly notified of the alleged infringement.
The law relating to ISP liability is vague and undefined, and is facilitating an unjust shift in the liability of wrongful users on ISP’s, making them the scapegoat of inadequate legal framework. There is therefore an urgent necessity to incorporate express provisions in the Indian Copyright Act or the Information Technology Act regarding ISPs. In order to pave way for sound legislation with regard to ISP liability in India, it is essential to address some of the key issues mentioned hereunder;
a) First and foremost, there is an urgent need to outline the definition of an Internet Service Provider. Unless the identity and role of an ISP is clearly specified, the law will be incomplete with regards to any of the other aspects. The term “due diligence” in the IT Act also needs to be defined clearly as the liability of ISPs largely depend on the factor of due diligence being present or not.
b) It is suggested that the liability of the ISP should be based on the degree of involvement in the alleged infringement. Classifications as prepared in the DCMA can be used as an effective tool so that the liability of ISPs may clearly be identified. While effective measures must be ensured so that ISPs cannot absolve their liability by giving frivolous excuses, care should be taken that ISPs are not held responsible where they act as mere conduit providers and are at not at actual fault. In order to achieve this, it is essential that proper classification of the ISPs, based on their roles in the network system is carried out.
c) Provisions must be incorporated to address the financial aspect of transaction between the ISP and a third party. The relation between the service provider and the subscriber also needs to be dealt with. This would help in the separation of rights and duties between the provider and subscriber and therefore contribute to resolve the problem of misunderstanding with regard to the question of liability.
d) Finally, the Information Technology Act must make it mandatory for ISPs to terminate services of subscribers who repeatedly violate copyrights and engage in infringement of copyrights. The Digital Millennium Copyright Act makes it compulsory for the ISPs to follow such policies in order for them to eligible for protection under ‘safe harbour protection’.
The ISPs play an important role in the growth of the internet, and thus enable transactions and communications between millions and millions of users. The absence of specific laws defining the liability of ISPs, result in the constant risk of incurring liability for any or all of their transactions and inactions, hindering the growth of the internet. With a view to better equip Indian laws dealing with ISP liability for copyright violation by third parties, the IT Act requires attention to some very fine, yet important issues without which the ISPs and their role could become disastrous to the internet.
# Ameet Dutta, ISP Liability in India: Fact or Fiction? May 2007
# CBS Songs Limited and Ors. vs. Amstrad Consumer Electronic Plc and Dixons Limited: [(1988) RPC 567 (HL)]
# Indian Copyright Act, 1957 S.51 (a)(ii)
# Indian Copyright Act, 1957 S.63 (a) & (b)
# Sharma Vakul, Information Technology Law and Practice, 2nd edition (Universal Law Publishing Co Pvt. Ltd, New Delhi), 2007 p.18-19 and 191-192.
# Osborne D, Copyright and Trademark Infringement on the Net - Looking to the Internet Service Provider First, [http://www.iprights.com 25 Jan 2009].
# 847 F. Supp. 1492, 1494 (E.D. Cal. 1994)
# 464 U.S. 417(1984)
# Sieber U, Criminal Liability for the Transfer of Data in International Networks-New Challenges for the Internet, Computer Law and Security Report, 13(1) (1997) 151; CompuServe’s Ex-Officials Porn Case Reversed, Associated Press (15th February 2009)
# 512(j) of The Digital Millennium Copyright Act, 1998.
# 512(g)(2) Exception B
# See e.g. Microsoft, MSDN, Windows Media 9 Series,
# Webpage of the European Union
# Shah A., The Information Technology Act, 2000: A Legal Framework for E-governance, http://www.sudhirlaw.com/innermain.htm
# 512(i) Conditions for Eligibility Section 512(i) outlines the general requirements for a grant of immunity; Service Providers must implement an account termination policy for repeat infringers, must inform their users of this policy, and must accommodate standard copy protection systems.