Let's Build a Responsible Cyber Society


Cyber Cafes under ITAA(p)-2005

...a law for the privileged, by the privileged and to protect the privileged.

 

Under ITA-2000, Cyber Cafes were not specifically defined. However they could be considered as "Intermediaries" and hence Section 79 (old) was applicable to them. This made them liable for offences and contraventions subject to the following of "Due Diligence Practices". Section 85(old) also applied to such entities. Further in the states where specific laws were available for Cyber Cafes, Section 65 (old) was also applicable in respect of maintenance of visitor's registers. The state laws regulating the Cyber Cafes also defined the term "Cyber Cafe".

ITAA(p)-2005 (We shall use this abbreviation for the amended act proposed by the "Expert Committee") now proceeds to define the term Cyber Cafe and also re define Section 79. This will have a significant impact on the activities of Cyber Cafes as discussed below....Naavi


Cyber Cafes are one of the important stake holders in the Cyber Industry in India to whom the ITAA (p)-2005 has relevance. Police in every part of the country have been going after them to book them under several sections of ITA-2000 primarily Section 67. Most of these cases are where public have been allowed to visit pornographic websites through the Cyber Cafe. Mumbai and Karnataka had already passed regulations within their state jurisdictions . These regulations define their term "Cyber Cafes", their responsibilities and also intended punishments for contraventions.

It was therefore of interest to see how the proposed amendments would address the issue of regulating Cyber Cafes.

From the provisions now announced it appears that the expert committee (This term refers to the committee which has produced the draft of the ITAA (p)-2005) has failed to take note of the existing laws on Cyber Cafes in these states and proceeded to make changes. In all fairness it can be stated that the Committee was unaware of the existence of these laws since there is no mention of the same in the report. Alternatively, the committee must have taken the view that the laws passed by the state are subordinate to the ITA-2000 and hence it would be the responsibility of the states to automatically bring it in tune with the ITAA(P)-2005 as and when it becomes effective.

To cite an example, the term "Cyber Cafe" has been defined in the Karnataka IT rules as follows:

“Cyber Café” means a premises where the Cyber Café Owner/Network Service Provider provides the computer services including Internet access to the public.

Now ITAA(p)-2005 proposes to define Cyber Cafes as follows.

Cyber Cafes have been defined in two places in the ITAA(p)

Firstly, Section 2(nn) defines Cyber Cafes directly, as

(nn)  "Cyber Café”   means a place where access to electronic form is provided to the public

Further Section 79 (amended) states

      Sec 79 (Explanation): ‘Intermediary’ shall include, but not limited to, telecom service providers, network service providers, Internet service providers, web-hosting service providers, search engines  including on-line auction sites, online-market places, and Cyber Cafes.

The term s "Intermediaries" is  in turn defined as

2 (w) "intermediary" with respect to any particular electronic  record means any person who on behalf of another person receives, stores or transmits that record  or provides any service with respect to that electronic record

Under the Karnataka Act, Cyber Cafe services may include any form of "Computer Services". The ITAA amendment also appears to be similar since it defines any service to public providing access to "Electronic Form" as a Cyber Cafe.

This definition is much broader than the definition of the "Intermediary". The intermediary acts on behalf of another person and handles third party data. On the other hand there are many services where Electronic Form access is provided where the data belongs to the system owner.

To give an example, a kiosk run by Railways to provide information on trains etc is now a "Cyber Cafe". The village kiosks giving information to farmers on crops etc maintained by the Village Panchayat is now a "Cyber Cafe". etc. At the same time, services to "Non Public" such as students in a college, members in a Club etc may not be considered as "Cyber Cafe".

They may still be an "Intermediary not being a Cyber Cafe".

Now, let us look at the implications of this definition.

The revised Section 79 now reads as follows:

79. Exemption from liability of intermediary in certain case

1.      An “Intermediary” shall not be liable under any law for the time being in force, for any third party information, data, or link made available by him, except when the intermediary has conspired or abetted in the commission of the unlawful act

2.      The provisions of sub-section (1) shall apply in circumstances including but not limited to where: 

a.      Intermediary’s function is limited to giving access to a communication network over which information made available by third parties is transmitted or temporarily stored; or The intermediary: (i) does not initiate the transmission, (ii) does not select the receiver of the transmission, and (iii) does not select or modify the information contained in the transmission. 

3. The provisions of sub-section (1) shall not apply if, upon receiving actual knowledge of, or being notified by the Central Government or its agency that any information, data or link residing on a computer resource controlled by the intermediary is being used to commit the unlawful act, the intermediary fails expeditiously to remove or disable access to that material on that resource.

As can be seen from the above, Cyber Cafes just like other intermediaries have been given almost absolute immunity from all liabilities. Unless Conspiracy or Abetment is proved, no action can be taken on them. Their responsibility arises only when a notice that an incriminating information residing inside the computer is being used for an unlawful act.

Note the word "Any law in force" used in Section 79. Since only Copyright Act and Patent Act have precedence over ITAA (P)-2005, Cyber Cafes will enjoy immunity even for offences under IPC.

If this provision is read with the amended Section 69 which talks about the "Powers to order Monitoring or Interception" where "Prevention of Cognizable Offences" have been deliberately ommitted, it is clear that Cyber Cafes are being provided a special protective cover from any interference from Police. Ostensibly this is to  protect ISPs from any action by Police. Judging by the luke warm response that ISPs were providing for Cyber Crime investigations at present, they will now be even emboldened to turn off the Police even for any routine criminal investigations.

Perhaps the Cyber Crime Cells created by Police in different cities will now be redundant and has to close down. While the Society is concerned about raising Cyber Crimes, the Committee obsessed with the sole objective of making the law to protect the privileged has diluted the law and rendered the law enforcement totally redundant.

The brazenness with which the change of laws have been attempted indicate a turf war between the Home Ministry (Lead by Mr Shivaraj Patil, Congress) and the Ministry of Communication and Information Technology (Lead by Mr Dayanidhi Maran, DMK) whether the concerned ministers realize it or not.

From the point of view of the Liabilities therefore, the ITAA has provided a  great bonus to Cyber Cafes. Even the Cyber Cafe owners had least expected this bonanza.

It is for intelligent observers to judge whether the Committee has been so naive or if there is some thing which we cannot see which the committee members could see. Afterall they are seeing things from a different perspective.. to create a law for the privileged, by the privileged and to protect the privileged.

Naavi

August 31, 2005

Copy of the Amendments