Image Source:

This article is written by Jatin K. Chheda, pursuing Diploma in Cyber Law, FinTech Regulations, and Technology Contracts from Lawsikho.


With the advent of the internet, there has become a parallel world in cyberspace where people connect, relate and communicate. The world of cyberspace is driven by data, data that is available to publish, use and disposal of the internet. Data spans across all kinds of content from written, textual, audio, video and other media and entertainment-related content to business-related content, all of these are accessed, used and consumed by the masses who put forward their trust and participate in this giant data exchange we call the cyber community. Needless to say, the trust comes on one end towards the genuine of data being projected and consumed, and more its authenticity is of utmost importance, on the other hand, the privacy of the people accessing the information, content and services offered is of utmost and crucial importance. 

As the internet and digital consumption advanced through time, it became more and more crucial to bring in mechanisms to check and control the authenticity, security and privacy of data. From piracy to phishing to data leaks, tampering of information, misguiding and misleading information, fake imposters and all kinds of inauthentic content from conspiracy theories to online scams and scandal, imposters and fake porn, the internet were becoming a bane to mankind as much it was a boon in integrating the world into one big giant community. But just like society, cyberspace also had its perils with authenticity and infringement of data being the determinant source of all problems.

Download Now

What is an ISP?  

Let us look at cyberspace as the digital form of the world, wherein real-world road, air and rail networks were the access to travel, offered by the respective states and their governments, the network access to people on cyberspace to surf was brought about by the ISP’s, the internet services providers. In the simplest terms, to be an intermediary is to be like a conduit for the passage of any information/communication. They act like aggregators between those who wanted to generate and spread information and those who wanted to consume information. Needless to say, when the time came where the dubious and inauthentic information had become a nuisance for global peace, economy,  trade, etc. There was a need to regulate and control the information on the internet, and since it was difficult to keep track of individuals worldwide, it was done through the source that acted as a medium to aggregate this connectivity, the ISP’s, the internet service providers.  

The issue of online copyright infringement liability for the ISP’s thus became prevalent since the use of the internet started to expand rapidly. The imperative question that arises here is to what extent are ISPs responsible for the third party material put on the internet by users of their facilities?  

Because of the hurdles and constraints on keeping track and catching hold of individuals on a worldwide level, because of geo-cultural, geopolitical and simply inability of copyright and intellectual property owners to seek infringement damages against those who misappropriate their intellectual or digital properties, the internet service providers have become an accessible mule to address this problem, namely since they allow the internet or data pirates to exist, for which reason the content owners find it righteous to sue the ISP’s for their data infringement because the ISP’s naturally are in a position to control and secure the internet through plausible policing.  

In this paper, we explore the role of the ISP’s communication on the internet, their various approaches for determining the liability of the ISP’s for eg. the horizontal approach, the non-horizontal approach and explain the liability of ISPs for copyright infringement under the Copyright Act, 1957, and the Information Technology Act, 2000.

ISP’s role in communication on the internet

ISP is the gateway or an aggregator that provides the network infrastructure, in common parlance, a bandwidth (road network) which gives people access to navigate through the world wide web and access data and information on one end, and on the other, they give hosting and website building and other such services for the supply of data and content. Other than ISP’s various parties are involved in offering solutions for creating, storing,  hosting, delivering and accessing information and content from the content creator to the content consumers such as blogging sites, cloud platforms, hosting servers, database servers, etc. at the end of the day all the information gets stored in a server and is accessed from that servers through the internet. In common parlance, the server is an address where one seeks to access the information through the highway and road network which is provided by the ISP through the internet and bandwidth, to be able to navigate and access the information stored on these servers. The various intermediaries that host, store, process data and data services are all connected to the content providers on one end and the consumers on the other through the ISP’s which are the road network that enables the transport of information and people (albeit virtually) between one point to another.

The website host deploys servers where FTP’s, file transfer protocols are deployed for storing, accessing and transporting files, website hosting is done on these servers. These days cloud computing offers remote storage of data that can be accessed on multiple points. Upon storage, on such servers and cloud servers, this data gets availed to anybody with an internet connection and the address to the server location. An access provider on the other hand provides access to the internet. In the process, all this is happening through the network infrastructure of the internet service provider, ISP. This network infrastructure transports this data to the designated consumer. ISP’s are aggregators who create access and network to transport information exchange. 

Liability of internet service provider  

The liability for copyright infringement rests on three theories; direct, vicarious and contributory infringement. Direct infringement occurs when a person violates any exclusive right of the copyright owner. Vicarious liability arises when a person fails to prevent infringement when he can and has a right to do so and is directly benefited by such infringement. 

In the United States, one of the Acts which provides liability for the ISPs is the Digital  Millennium Copyright Act, 1998. This Act governs the liability of the internet sites and ISPs for the copyright infringement of its user. It provides a mechanism for copyright owners to force site owners and ISPs to remove infringing material. 

The following elements are part of the regime under the DMCA:  

1) The online service provider [hereinafter OSP] must have a designated agent to receive  notices and it must use a public portion of its Web site for receipt of notices;  

2) The OSP must notify the U.S. Copyright Office of the agent’s identity and the Copyright  Office will also maintain electronic and hard copy registries of Web site agents. 

Various approaches to determine the liability of internet service providers

The scope of an ISP’s liability extends to the branch of law pertaining and relating to the content and subject matter in question. It could be private or personal, criminal, tort,  intellectual property like copyright, trademark, patent, etc., competition law, consumer protection, etc. and thus the liability of the ISP’s has been burning, constantly evolving and expanding. These have been done broadly through two approaches:  

1. Horizontal approach

Which covers not just copyright infringement but all other areas and branches of law, where the liability of ISP arises directly and it raises fixed liabilities irrespective of the content and extent of the illegality of the content.

2. Non-horizontal approach

The potential of the liability is determined by the provisions and jurisdictions of the law. In this approach, the statutes determine the extent of liability, in which a case of defamation would be covered under defamation laws, copyright infringement would be covered under intellectual property rights law,  harm to person, death and rape threats would be covered under IPC, etc.  

Copyright is dealt with preserving the efforts and performance of the intellect. The concern of copyright is the protection of literary and artistic works. These consist of music,  writings, the efforts of the fine arts, music, such as sculptures and paintings, technology-based works such as computer programs and electronic databases. The liability for copyright infringement rests on three theories- direct, vicarious and contributory infringement. Direct infringement occurs when a person violates any exclusive right of the copyright owner. Vicarious liability arises when a person fails to prevent infringement when he can and has a right to do so and is directly benefited by such infringement. These two theories are based on the strict liability principle and a person will be liable without any regard to his mental state or intention. Contributory liability arises when a person participates in the act of direct infringement and has knowledge of the infringing activity. The question arises as to which standard should be applied in order to fix the responsibility of service providers.

Provisions under the Indian Copyright Act, 1957  

The Indian Copyright Act is unable to protect the unauthorized distribution and use of work over the internet. Infringement over the internet and piracy poses a threat to creative works worldwide and thus the growth of the internet, e-commerce and the digital economy. The law related to ISP liability is vague and ambiguous in India. The Indian Copyright Act 1957, though amended in 1994 and 1197, doesn’t cover or even mention copyright infringements and liability of ISPs regarding them. 

The crux of copyright infringement according to the Act is that whether a person is gaining economic gains out of the infringement and in case of ISPs liability, the ISPs are gaining any direct economic gains out of copyright infringement. Users however do pay  ISPs for using internet services, but they usually get away with the excuse that they did not know their acts were in the violence of owners copyrights. Moreover, Section 63 of the copyright Act, 1957 provides for abutment regards to copyright infringements, but whether ISPs can be said to be abetting would again be a case to b settled in the court of law since ISPs clearly would state no intention as their basis to avoid legal liability.  

These issues have been addressed in Section 79 of the Information Technology Act, 2000.  

Provisions under Information Technology Act, 2000

Chapter XII of the Act provides for issues regarding the liability of the service providers. The Act refers to ISPs as ‘network service providers’ and exempts them from their liability.  Section 79 absolves the ISP’s liability if they can prove they had no knowledge about the infringement or due diligence was exercised for prevention of such acts. The Indian position in liability of service providers for copyright infringement must be made more explicit. The Act must include sections that address the financial aspect of the transaction, and the relationship between an ISP and a third party, because this is vital to determining the identity of the violator. The American concept of contributory infringement can also be incorporated into the Indian Act so that if any person with knowledge of the infringing activity, induces, causes, or materially contributes to the infringing conduct of another, the person can be made liable.

In order to be exempt from liability, the Indian Act requires the service provider to exercise due diligence to prevent the commission of copyright infringement. The Act does not provide the meaning of the term due diligence. If due diligence means policing each and every aspect of the internet,  it can lead to loss of privacy and can ultimately have a disastrous effect. There is a need for a consensus on the meaning of the term due diligence because the primary function of  ISPs is to build the internet, not to play the role of a policeman. If the behaviour of an ISP is reasonable, then that ISP should not be held liable for each and every activity on the internet as has been held by the US courts.  

Various international scenarios

The WIPO Copyright Treaty, 1996 first caught international attention on copyrights. The treaties updated the Berne Convention by incorporating the existing TRIPS provisions in its folds and granted additional rights to the authors in the context of the internet. A new right referred to as the right of communication to the public was incorporated and the right of distribution was specifically spelt out. It also provided for legal remedies against the circumvention of technological measures used by the authors to protect their work. Legal protection was also granted to rights management information systems used by the authors while transmitting works in a digital environment. It was further made clear that mere provision of physical facilities for enabling or making a communication does not itself amount to communication with the meaning of this provision.

Since there was no agreement to treat both temporary and permanent reproduction as a part of reproduction rights in digital format, no specific provision was included in the WCT in this regard. It was the failure of the international community due to the pressure from interest groups to reach a definitive conclusion on the nature of the liability of service providers and users, that left the international law unsettled and it was left to the respective Nation States to introduce appropriate provisions in the domestic law to protect the interests of the owners. One of the first countries to legislate on the Treaty provisions was the US through its Digital Millennium Copyright Act (DMCA) that came into force in  1998. Before referring to the DMCA it is necessary to refer to some of the judicial pronouncements of US Courts on the issue. In Playboy Enterprises v. Frena, the court was called upon to determine the liability of the electronic Bulletin Board System (BBS) operator for the acts of users who had uploaded and downloaded the plaintiff’s copyrighted photographs. The court found Frena liable for violating the plaintiffs right to publicly distribute and display copies of its work. The defendant contended that he had in fact removed the photographs from the BBS when he received the complaint and had since monitored the BBS to prevent additional photographs of Playboy from being uploaded. 

Internet service providers being made liable to suit for copyright infringement  on the internet  

Frequently in copyright infringements suits being filed for actions of infringement on the internet most certainly involve the ISPs. The reason being that ISPs are far more in a  superior position to police, track and take action in cases of piracy or infringement, than an owner who will be rather completely unaware of the whereabouts of such infringements taking place, the ISPs would have the internet traffic data relating to such activities that show downloads of the infringed product. But ISPs are large business bodies or corporations with deep pockets and with concentrated market share, so it is almost difficult to see a likely outcome since one infringement will result in causing many more.


India needs a more robust and comprehensive law extending the liability of ISPs. The ambitious and rather loose ended statutes governing the scenario of copyright infringement pose a challenging question for the genuine owners who, with the increase of the digital age, are contributing heavily in terms of cyber content. The law is rather handicapped, falling short and mere sighted. Even though a leading technology solutions provider in the global arena, the situation back home is far from high-tech. The  ISPs are the gateway, the infrastructure network and the transport system of cyberspace.

The laws relating to regulation, traffic and control need to be devised such that there is clear, transparent and speedy execution in terms of both prevention of crime, and execution of penalty in case a situation arises. Making an ISP liable will not completely solve the issue, but adopting a strategy whereby making them a friend of law in bringing justice to infringed owners’ in their copyrights will be a breakthrough strategy to digital and cyberspace policing. Liability of the ISPs should extend to the extent that it penalises them in not standing in favour of or aiding the investigations in such matters. These liabilities could include penal consequences like monetary penalties, cancellation of licences or permanent ban from providing internet services in case they do not act according to a certain framework to monitor, track, police or aid agencies in preventing crimes in the digital space. 

Students of Lawsikho courses regularly produce writing assignments and work on practical exercises as a part of their coursework and develop themselves in real-life practical skills.

LawSikho has created a telegram group for exchanging legal knowledge, referrals, and various opportunities. You can click on this link and join:

Follow us on Instagram and subscribe to our YouTube channel for more amazing legal content.


Please enter your comment!
Please enter your name here