Internet service providers' (ISPs') place in the digital world has grown in importance, although there is still debate in cyber law over their legal responsibility. This article explores the intricate network of laws and case law pertaining to ISP liability from a domestic standpoint.

In addition, the piece examines significant court rulings or landmark judgements that have influenced ISP liability and clarified the varied views of ISPs' duties in supporting online activity. The article covers various approaches of determining the liabilities of the Internet service providers.

This article provides important insights into the dynamic and complex nature of ISP liability in cyber law through a thorough analysis of statutory provisions, court decisions, and academic discourse. This helps policymakers, legal professionals, and scholars to navigate this complex legal landscape.

Introduction 
Cyberspace is a virtual environment or area made by artificial intelligence clones. It is a web made up of electronics, computers, and communication networks that allows users to access the virtual world. It makes international communication simple and accessible. It is made up of enormous computer networks that are further divided into smaller networks. 

The word "cyberspace" was initially used by science fiction writer William Gibson to refer to the online information sources. Cyberspace is just the human population's network of connections made possible by computers and telecommunications, regardless of physical location. There are no geographical restrictions in cyberspace. Cyber space is a much wider term than the internet, but it also involves computers, computer networks, internet, data etc.

Cybercrimes are crimes committed through the use of digital environments in virtual spaces. Cybercrimes have increased as a result of technology advancements and the growing volume of data in the cyberspace. Cyber hacking, laundering of money, cyber bullying are some of the examples of cybercrimes.

With the growth of the internet and digital consumption, methods to validate and regulate the validity, security, and privacy of data became more and more necessary. This led to the creation of cyber law, which regulates cyberspace and the crimes committed within it. Since cyberspace is not a physical place, the general laws do not apply there. Cyber laws were developed to defend against infringements on the rights of others in the cyberspace and to make sure that cybertechnologies are not abused.

All of the statutes and regulations pertaining to computers and the internet are combined into what are known as cyber laws. They address every legal concern pertaining to the exchange, distribution, and purchase of network-related information technology and apparatus.  

What are Internet Service providers?

Internet service providers are organizations that link users to the internet. These are businesses that establish a connection by giving customers access to internet resources in exchange for a monthly fee. They give customers and companies access to the internet. 

Since a number of middlemen are required to make a work available online, there are many middlemen engaged in the supply of online material to end users. A person who wants to develop a website must first register for a hosting service, following which he can upload pages to his website. The website is stored on the host's "server," which is effectively a large hard drive that is linked to the Internet. Once the uploaded papers are saved on the server, anyone with an Internet connection can access them right away. Thereafter, an access-provider provides access to the Internet.

The transmitted material travels through the infrastructure of a network provider from host to access provider to end user. In addition to providing the physical infrastructure needed for signal conveyance, this supplier routes and transmits the signal to the intended recipient. All of these services are often offered by a single legal company.

Internet service providers are essential to the transmission or distribution of content produced by other parties, even while they do not originate or take part in the decision to distribute any specific item. They act in the capacity of middlemen. According to Section 2(w) of the Information Technology Act of 2000, an intermediary is "any person who, on behalf of another person, receives, stores, transmits, or provides any service with respect to that record." Cyber cafés, telecom service providers, network service providers, internet service providers, web hosting service providers, online payment sites, online auction sites, and online marketplaces are all covered in this category .

Functions of ISPs

Main services offered by internet service providers are two. First, they offer website creation and hosting services; second, they offer internet access.

The functions of ISPs can broadly be categorized into four:

1. Offers customers internet access. Users are free to upload and download any kind of content.
2. It offers host services so that content creators on the web can publish and share their work via Internet service providers.
3. Making cached copies of content on pages where they anticipate a higher volume of access requests in order to facilitate faster and more convenient access to the closest cached copy of the content.
4. Uses search engines to offer customer support.

Approaches for determining the liability of ISPs

The Internet service providers' responsibilities come from a variety of legal domains. Numerous nations have attempted to clarify the ISPs' liability when it comes to sharing content from third parties. A large number of these national laws deal with copyright, criminal law, or information technology legislation. These statutes have attempted to address the issue by using either a non-horizontal or a horizontal approach.

Apart from copyright infringement, the horizontal approach takes into account all other potential legal domains wherein ISP liability could arise. It proves liability regardless of the possible legal justifications for the transmission of the forbidden material. The non-horizontal method, on the other hand, assesses the possible liability of ISPs based on each statute that may apply. In this situation, ISP liability would be determined by a number of laws; for instance, the copyright act's non-horizontal approach would address ISP liability that might only be connected to copyright infringement. 

1. Horizontal Approach 
   The horizontal approach holds that the ISPs are initially held accountable for their actions under the basic legal standards. If an Internet service provider is subsequently found guilty of a crime, their liability is limited by the exclusions granted to them under specific statutes. For instance, if an ISP is charged with copyright infringement, they are first tried in accordance with copyright rules, and if they are found guilty, their liability is limited by the exceptions provided by a specific statute.
   
   As a result, a single statute determines the ISPs' culpability. This method is frequently found in German, Japanese, and other legal systems.
    
2. Non-horizontal approach
   This method makes use of a number of statutes to establish the IPSs' responsibility. The legal provisions and jurisdictions dictate this. This stands contradictory to or is inconsistent with the method used in the horizontal approach to ascertain the ISPs' obligation. For instance, the defamation rules might be applied for offences pertaining to copyright, while the copyright law would have the authority to determine liability in copyright violations. Several nations, including Singapore, Hungary, Ireland, and the United States of America, have adopted this strategy.

Liability for Copyright infringement
ISPs are often times sued for copyright violations than the individual violators. This is mostly because it is much simpler to track down the ISPs than it is to identify the real infringer. Some further explanations would be that the ISPs are more financially secure, making it simpler for them to provide compensation. Additionally, suing the ISPs will serve as a deterrent to other users, encouraging them to refrain from engaging in infringement. 

There are no specific provisions in the copyright legislation that address safeguarding data against unauthorized use. On the other hand, there are several clauses that can be used to hold ISPs accountable. Section 51(a)(ii)  states that copyright in a work is considered to be infringed upon when someone permits for profit the use of any location for the communication of the work to the public in a way that violates the copyright in the work, unless, that is, the person was unaware of the possibility of the communication or had no reasonable basis to believe that it would violate the copyright.
The two main components of Section 51(a)(ii) of the Copyright Act are "permits for profit" and "any place."

ISPs readily accommodate the notion of "anyplace" because they allow user-generated content to be sent and stored on their corporate property, which includes their servers and telecom facilities. They might also be held liable for violating the rights of third parties if they save or distribute the content for profit. According to the "permits for profit" clause, the ISPs have to make money off of the infringements. Usually, this is done by charging for their services or by generating revenue tangentially through the placement of advertisements. For the majority of their operations, ISPs therefore meet these two requirements. 

Determining whether an ISP can be held primarily or secondary accountable for copyright infringement is also significant. In contrast to secondary infringers, who are only deemed to have violated copyright if they knew or had reasonable suspicion that they had contributed to the infringement, primary infringers are held strictly accountable for their actions. The terms "not aware" and "had no reasonable ground for believing" suggest that the ISPs could only be held liable secondarily because their liability has been based on knowledge of the infringement, even though the copyright act does not specifically separate liability of infringement into primary and secondary.

Liability for cyber defamation
Defamation, to put it simply, is the act of harming another person's reputation via spoken or written words, gestures, etc. The act of disseminating false information about someone else online or in cyberspace is known as cyber defamation. Due to its global reach and lack of physical boundaries, cyberspace can cause significant harm to one's reputation.

Depending on the published material, it can have a significant impact on both individuals and society as a whole. Section 66A of IT Act deals with defamatory statement and it makes it an offence punishable with 3 years of imprisonment and fine. Therefore, in the event of cyber defamation, one's guilt is ascertained under the defamation rules and, if found, checked to see whether any exemptions apply under section 79 of the IT Act, 2000.  

It is crucial to realize that, in most situations, Internet service providers are the secondary publishers in order to comprehend their liability for cyber defamation. If the following are demonstrated, any secondary publications can avoid accountability for handling defamatory content from third parties:

1. It served simply as a conduit.
2. It carried out its responsibilities with due diligence.
3. It was unaware of the publication's defamatory nature or did not know about it, and once notified by a government agency, it promptly removed the offending publication. 

Nonetheless, there are some circumstances in which an ISP may be regarded as a principal publisher, such as when the ISPs exercise editorial control over any message boards, etc. 

Liability under IT Act, 2000
The Information Technology Act, 2000 refers to the Internet Service providers as 'Network service provider . It defines the same as: "Network service provider" means an intermediary. Intermediary is defined as: "Intermediary" with respect to any particular electronic message means any person who on behalf of another person receives stores or transmits that message or provides any service with respect to that message.

This provision further provides some exceptional cases in which the liability of the ISPs can be limited. Therefore, the liability of a ISP is to be first determined as per the statute under which the act/ omission arises and if the ISP is held liable under the same, then that liability shall be filtered through the provisions given in section 79 of the IT act.  

Section 79 states that, the intermediary shall not be liable for any kind of third party information, data or communication link that is hosted by him, if:

1. The function of the intermediary is limited to providing access to a communication system over which the information made available by third parties is transmitted or temporarily stored or hosted; or
2. The intermediary does not initiate the transmission, select the receiver, or select or modify the information that is contained in the transmission.
3. The intermediary observes due diligence as per the Act and follows the guidelines given by the Central Government while discharging its duties.
    

Section 79(2) of the Information Technology Act, 2000

Section 79(2) provides two major grounds under which an ISP can qualify to seek exemption from liability under clause (1):

• Lack of knowledge: In order to hold the ISP accountable under Section 79 of the IT Act, 2000, it is imperative that they have knowledge of the illicit contents. If it can be proven that the Internet service provider was not aware of the content being stored on and going via its servers, then liability can be avoided. However, the ISP may be held accountable if it receives notification that illegal content is being stored on or transmitted through its servers. In such a case, it must take the necessary steps to disable or delete the illegal content.
   
• Due diligence: ISPs must use "due diligence" in accordance with Section 79 of the Act in order to shield themselves from liability for illegal content that travels across their servers. This necessitates actual knowledge or carelessness. Since it is impossible to fully monitor and judge the legality of every file, the scope of the need is a complicated matter. ISPs are not responsible for illegal content that passes via their servers unless they are informed of it. An ISP may be required by "due diligence," or a duty of care, to look further into whether the content it hosts or links to is illegal and, if so, to prevent access, if it notices suspicious activity.

Section 79(3) of the Information Technology Act, 2000

Section 79(3) states that the exemption does not apply in the following two cases:

1. When the intermediary has conspired, abetted, aided, or induced, whether by threats, promise, or otherwise, in the commission of the unlawful act.
2. Upon receiving actual knowledge or being notified by the appropriate Government or its agency that any information, data, or communication link residing in or connected to a computer resource is being used to commit an unlawful act, the intermediary fails to expeditiously remove or disable access to that material on that resource without vitiating the evidence in any manner.

The Information Technology (Intermediary Guidelines) Rules, 2011 are also framed to guide the ISPs regarding due diligence to apply in case of their functioning.

Landmark Judgments  

1. Avinash Bajaj vs. State
   Ravi Raj, a student at IIT Kharagpur, posted an offensive MMS video clip on baazee.com under the alias "aliceelec," despite baazee.com's filter for inappropriate content. The Delhi Police's Crime Branch filed a complaint, accusing Ravi Raj, website owner Avnish Bajaj, and content manager Sharat Digumarti. Bajaj pleaded to have Ravi Raj's criminal proceedings quashed after he fled.
   
   Since pornographic content was not viewable on Bazee.com, the website that makes money merely from sales and advertising, the court determined that Mr. Bajaj was not involved in its airing. The evidence points to another person as the perpetrator of the offence. The accused must demonstrate that he was a service provider and not a content creator, even if the CEO granted bail.
   
   But it is the accused's responsibility to demonstrate that he was merely a service provider and not a content creator.
    
2. Vyakti Vikas Kendra, India Public Charitable Trust Thr Trustee Mahesh Gupta & Ors vs. Jitender Bagga & Anr.
   The Delhi High Court in this case initially ruled Google an "intermediary" under Section 2(1)(w) and Section 79 of the Information Technology Act, 2000. The court stated that Google must remove unlawful content if it receives actual notice from the affected party. Google is also required to comply with Information Technology (Intermediaries Guidelines) Rules 2011, which require an intermediary to observe due diligence and remove defamatory content within 36 hours of receiving actual knowledge.
   
   In this case, Google was directed to remove all defamatory content about plaintiffs from its website and all links containing defamatory content within 36 hours. Defendant No.1 was restrained from sending emails or posting material referencing the plaintiffs or their Art of Living Foundation or his Holiness Sri Ravi Shankar.
    
3. Christian Louboutin SAS Vs Nakul Bajaj & Ors
   A high-end shoe company sued an online retailer, alleging that it was encouraging trademark infringement by connecting a seller of fake goods with the portal, in an attempt to obtain an injunction. The matter at hand concerned whether the defendant could legally use the plaintiff's trademarks, logos, and images, which are safeguarded by Section 79 of the Information Technology Act.
   
   The website has total control over the products that are delivered through its platform, hence the court held that the defendant is more than just a middleman. It acknowledges and encourages independent sellers to market their goods. The Court further declared that an e-commerce platform's involvement would shield it from the rights Section 79 of the IT Act grants intermediaries.
    
4. Super Cassettes Industries Ltd. v. Yahoo Inc. & Another
   The High Court ordered the defendant to stop reproducing, distributing, and streaming music from their website.
   
   In Super Cassettes v. MySpace Inc. and Anr, the court ruled that MySpace violated Super Cassettes' copyright by allowing the work to be downloaded at a subscription fee.

Conclusion
A stronger, more comprehensive law governing the degree of ISP liability is of vital importance in India. With the growing digital world and contribution of cyber content, the regulations controlling the accountability of the ISPs in the case of copyright infringement present a challenge to the genuine owners. Since these genuine ISPs serve as a doorway to the internet's infrastructure network and transport system, it is imperative that they be protected. Due to the lack of clarity surrounding the jurisdiction of cyberspace, forum shopping is another issue. 

Further, because of certain legal uncertainties that allow ISPs to avoid liability even in serious situations, there is now a little inadequacy of steps to ensure that they are held accountable for their negligence and breach of duty towards their customers. The legal system definitely has to be changed in order to deal with intermediaries' liability and ensure that they are held accountable, particularly when copyright is violated. Also, there is a need for reformation of the conflict of law rules with respect to offence related to the cyberspace.  
 
Furthermore, ever since the very enforcement of the IT act, section 79 has been criticized under many grounds. Due to the same reason, the Ministry of Communications and Information Technology appointed an Expert Committee to propose amendments to the IT Act and the Committee has proposed revision of section 79. 

References:

• Liability of the Internet Service Provider, Ipleaders, August 7, 2021, https://blog.ipleaders.in/liability-internet-service-provider/#Introduction
• Introduction to Cyberspace, Vedantu, 26th Jan 2024, https://www.vedantu.com/commerce/introduction-to-cyberspace
• Internet Service Providers and its liabilities under Indian Law, Lawyered, Feb 6, 2023, https://www.lawyered.in/legal-disrupt/articles/internet-service-providers-and-its-liabilities-under-indian-law/
• T. Pradeep and Aswathy Rajan, A Critical Study on Cyber Defamation and Liability of ISPs, Vol. 119, No. 17 2018, International Journal of Pure and Applied Mathematics, http://www.acadpubl.eu/hub/ Special Issue
• Advocate Rachit Gupta, Internet Service Providers and its liabilities under Indian Law, Lawyered, Feb 6, 2023, https://www.lawyered.in/legal-disrupt/articles/internet-service-providers-and-its-liabilities-under-indian-law/
• Ankur Chopra, Scribd, Liability Network Service Providers, https://www.scribd.com/document/313876101/Liability-Network-Service-Providers
• Information and Communication Technology Liability of ISPs, Pathshala, MHRD Govt. of India, https://epgp.inflibnet.ac.in/epgpdata/uploads/epgp_content/Law/07._Information_and_communication_technology_/20._Liability_of_ISPs/et/5754_et_20_ET.pdf
• Dr. Gurujit Singh, Information and Communication Technology Liability of ISPs, Pathshala, MHRD Govt. of India, https://epgp.inflibnet.ac.in/epgpdata/uploads/epgp_content/Law/07._Information_and_communication_technology_/20._Liability_of_ISPs/et/5754_et_20_ET.pdf