Liability of intermediary under the Information Technology Act, 2000 and their rules


Intermediaries are most essentially middlemen, they are the common ground of communication from one end to another, and they generally provide information taken from one end to another, with some profit or none, thus concluding, any person providing any service as to electronic messages including receiving, storing, transmitting would qualify as an Intermediary.

Section 2(w) of the Information Technology Act defines Intermediary as ― intermediary, with respect to any particular electronic records, means any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web-hosting service providers, search engines, online payment sites, online-auction sites, online-market places and cyber cafes;

Liabilities in Information Technology Act –

The liability of intermediary is defined as under Section 79 of Information Technology Act, 2000 (‘the Act’); Section 79 is a ‘safe harbor’ stipulation which grants circumstantial immunity to middlemen from liability for lawful suing from the third party claims, the breakthrough of the section is given as under:

  1. Section 79(1) of the Act grants intermediaries immunity, the same is conditional and circumstantial, leaving information data of a third party unavailable.
  2. This immunity is subjective as based on section 79 (2) and 79 (3) of the Act, that is, when the function of the intermediary is limited to providing access to a communication system over which information made available by third parties is transmitted or temporarily stored or hosted and when the intermediary is not initiating the transmission, selecting the receiver of the transmission, as well as selecting or modifying the information contained in the transmission;
  3. Section 79(2) necessarily inhabits cases where the activity taken by the intermediary is of a technical, automatic and passive nature. Thus, for application of section 79(2), intermediaries are to have neither knowledge nor control over the information which is transmitted or stored;

If the intermediary has employed conspiracy and unlawful practices, his immunity is expired with immediate effect; Section 79 introduces “notice and takedown” stipulation in many judgments. It resonates that intermediary would have lost the immunity if notified that any information, data or link residing in or connected to a network resource operated by it, is being employed to unlawful act and it fails to remove or disable access to that material.

Section 79 of the Act absolves the internet service providers, who work as middlemen, of its liability if the mistake can be proven and with sincerity, it does not mention who will be held liable for such contention in such event.

Section 79 – Exemption from liability of intermediary in certain cases –

  1. Notwithstanding anything contained in any law for the time being in force but subject to the provisions of sub-sections (2) and (3), an intermediary shall not be liable for any third party information, data, or communication link made available or hosted by him.
  2. The provisions of sub-section (1) shall apply if–
    • the function of the intermediary is limited to providing access to a communication system over which information made available by third parties is transmitted or temporarily stored or hosted; or
    • the intermediary does not–
      • initiate the transmission,
      • select the receiver of the transmission, and
      • select or modify the information contained in the transmission;
    • the intermediary observes due diligence while discharging his duties under this Act and also observes such other guidelines as the Central Government may prescribe in this behalf.
  3. The provisions of sub-section (1) shall not apply if–
    • the intermediary has conspired or abetted or aided or induced, whether by threats or promise or otherwise in the commission of the unlawful act;
    • upon receiving actual knowledge, or on being notified by the appropriate Government or its agency that any information, data or communication link residing in or connected to a computer resource controlled by the intermediary is being used to commit the unlawful act, the intermediary fails to expeditiously remove or disable access to that material on that resource without vitiating the evidence in any manner.

Explanation–For the purposes of this section, the expression ―third party information‖ means any information dealt with by an intermediary in his capacity as an intermediary.[1]

The Information Technology (Intermediary Guidelines) Rules –

In 2011, The Information Technology (Guidelines) Rules were introduced by Central Government resonating to the powers under Section 87(2) read with section 79(2) of the act. The 2011 guidelines are then to be modified by the proposed guidelines in 2018

According to the 2011 guidelines, anyone who seeks ‘safe harbor’, needs to make certain that they adhere to the following:

  1. Publishing of privacy policy, and the conditions that people are agreeing to
  2. Publishing of all the prohibiting acts
  3. Intermediaries to not publish or host information with due knowledge of what they’re doing and its consequences, as reading under sub-section 2
  4. Intermediaries to make certain that they delete such information in 36 hours and storage of same 90 days for investigative purposes
  5. Intermediaries to take all measures to neglect computer resource
  6. Middlemen to provide help to the government in 72 hours
  7. Intermediaries to report cybersecurity incidents
  8. Intermediaries need to provide tech-based automatic tools to remove public viability to unlawful information.
  9. Intermediaries with more than five million must incorporate a company in India. 

Subsequent Cases –

Avnish Bajaj v. State[2]

In this case, the company was not charged but the Managing Director was under criminal provisions as under the Indian Penal Code read with IT Act, for circulation by a third party on an online platform

The Delhi High Court observed that companies bear the risk if their uploaded content manages to escape the filter for blocking pornographic content, it was then subsequently observed that there was a need for broadening the scope of protection given to middlemen

The IT Act was, therefore, amended in 2008 to include a safe harbor routine under Section 79 of the IT Act and the definition of intermediaries was amended. Safe Harbor is an exemption provision which provides conditional immunity to the intermediaries as long as they prescribe to the conditions of the section.

Shreya Singhal v Union of India[3]

Section 66A of the IT Act was struck down in this landmark judgement, it was recognized by Supreme Court that the citizens free speech was being violated, the act subsequently produced punishment for offensive messages on the internet

The Court granted an exemption to websites under section 79, witherto deciding that it fell under the ambit of the said section

The Court contented that “it will be unreasonable for intermediaries like Google, Facebook etc. to act when millions of requests are made and the intermediary is responsible to judge as to which of such requests are legitimate or justified and which are not.”

My Space Inc. v Super Cassettes Industries Ltd. [4]

In this case, the division bench of the Delhi High Court laid down the concept of ‘actual or specific knowledge’ and contented that middlemen can be held liable if they have actual or specific knowledge of the existence of embarrassing content on the website from owners of the content and after such notice, the content is not taken down.

The Court distinguished copyright matters and contented that incase intermediaries were given the responsibility of identifying illegal content, it could have a chilling effect on free speech and will lead to private censorship.

There is no need for a court order in such cases.

Amway India Enterprises Pvt Ltd v 1Mg Technologies Pvt Ltd & Anr.[5]

The Division Bench held that the guidelines are advisory and are not law and thus, not enforceable.

The Court further invested detailed reasoning as to why major e-commerce giants are actively involved and thus, do not qualify as intermediaries entitled to exemption as under the safe harbor provided in Section 79 of the IT Act. It was contented that any non-compliance of the “due diligence” requirements as per the Intermediary Guidelines and failure of adherence as to their own rules would make the e-commerce platforms liable.


It is noticeable that India is towards more strict intermediary liability. Right now, Section 79 of the IT Act, the Intermediary Guidelines as well as the landmark judgement of Shreya Singhal, evolved the intermediary liability refining the standards and conditional exemption. Therefore, as of now, intermediaries are not liable unless they had proper information (due diligence), and proper order (The information mentioned here should be specific and not wide) is given by a government authority.


[2] Avnish Bajaj v. State (NCT of Delhi), (2005) 116 DLT 427.

[3] Shreya Singhal v. Union of India, AIR 2015 SC 1523.

[4] Super Cassettes Industries Ltd. v. Myspace Inc. & Anr., 2011 (48) PTC 49 (Del).

[5] Amway India Enterprises Pvt Ltd v 1Mg Technologies Pvt Ltd & Anr., CS (OS) 410/2018.

[4] Super Cassettes Industries Ltd. v. Myspace Inc. & Anr., 2011 (48) PTC 49 (Del).

[5] Amway India Enterprises Pvt Ltd v 1Mg Technologies Pvt Ltd & Anr., CS (OS) 410/2018.

Authot:- Rishita Tiwari

Law student at Vivekananda Institute of Professional Studies, Guru Gobind Singh Indraprastha University

Leave a Reply