Intermediaries

August 27, 2024

INTERMEDIARIES

Sec.79 deals with the immunity available to intermediaries. The Information Technology (Intermediaries guidelines) Rules, 2011 governs the duties of intermediaries.”Intermediary” with respect to any particular electronic records, means any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web hosting service providers, search engines, online payment sites, online-auction sites, online marketplaces and cyber cafes.

Intermediary will not be liable for any third party information, data or communication link hosted by him. It will apply only if –

  •  the function of the intermediary is limited to providing access to a communication system over which information made available by third parties is transmitted or temporarily stored or hosted; 
  • the intermediary does not initiate the transmission or select the receiver of the transmission and select or modify the information contained in the transmission;
  • the intermediary observes due diligence while discharging his duties.

The intermediary will be held liable if he conspired or abetted or aided or induced whether by threats or promise or otherwise in the commission of the unlawful act. He will also be liable if upon receiving actual knowledge or on being notified that any information, data or communication link residing in or connected to a computer resource controlled by it is being used to commit an unlawful act and it fails to expeditiously remove or disable access to that

material.

The intermediary should observe the following due diligence while discharging

his duties –

  • The intermediary should publish the rules and regulations, privacy policy and user agreement for access-or usage of the intermediary’s computer resource by any person.
  • Such rules and regulations, terms and conditions or user agreement shall inform the users of computer resource not to host, display, upload, modify, publish, transmit, update or share any information.
  • The intermediary should not knowingly host or publish any information or should not initiate the transmission, select the receiver of transmission, and select or modify the information contained in the transmission.
  • The intermediary, on whose computer system the information is stored or hosted or published, upon obtaining knowledge by itself or been brought to actual knowledge by an affected person in writing or through email signed with electronic signature about any such information should act within thirty six hours and where applicable, work with user or owner of such information to disable such information. Further the intermediary should preserve such information and associated records for at least ninety days for investigation purposes. 
  • The Intermediary should inform its users that in case of non-compliance with rules and regulations, user agreement and privacy policy for access or usage of intermediary computer resource, the Intermediary has the right to immediately terminate the access or usage lights of the users to the computer resource of Intermediary and remove non-compliance information.
  • The intermediary should strictly follow the provisions of the Act or any other laws for the time being in force.
  • When required by lawful order, the intermediary should provide information or any such assistance to Government Agencies who are lawfully authorised for investigative, protective, cyber security activity.
  • The intermediary should take all reasonable measures to secure its computer resource and information contained therein.
  • The intermediary should report cyber security incidents and also share cyber security incidents related information with the Indian Computer Emergency Response Team.
  • The intermediary should not knowingly deploy or install or modify the technical configuration of computer resource or become party to any such act which may change or has the potential to change the normal course of operation of the computer resource than what it is supposed to “perform thereby circumventing any law for the time being in force.
  • The intermediary should publish on its website the name of the Grievance Officer and his contact details as well as mechanism by which users or any victim who suffers as a result of access or usage of computer resource by any person can notify their complaints against such access or usage of computer resource of the intermediary or other matters pertaining to the computer resources made available by it. The Grievance Officer should redress the complaints within one month from the date of receipt of complaint. 

To download this note as a PDF and have a handy reference for future use

Attention to all law students!
Are you missing out on internships, job opportunities, and essential law notes?
Don’t worry! Join over 45,000 students who are already part of the largest legal community. Don’t get left behind!
Become a member of our WhatsApp Groups (Click Here) and Telegram Channel (Click Here) for instant update

If you want to add something or just say thank you,