Journal of Legal, Ethical and Regulatory Issues (Print ISSN: 1544-0036; Online ISSN: 1544-0044)

Review Article: 2021 Vol: 24 Issue: 6S

A Critical Study on Liability of Intermediaries for Copyright Infringement - Analysis of Indian and German Position

Gururaj D. Devarhubli, Gujarat National Law University

Anjani Singh Tomar, Gujarat National Law University


 This article aims to throw light on the issue of intermediaries’ liability in cases of copyright infringement. As innovation and speed are considered the twin watchdogs of a knowledge-based economy the emergence of new technologies has allowed the users to disseminate information within seconds with a click of a button. On one hand, these technologies have been termed as ‘break-through’ but on the other hand have also called for a greater degree of enforcement through strengthening the legal mechanism. One of the most contentious yet unsettled issue is the liability of the intermediaries in the infringement of copyright through digital means. The problem has been addressed under legislations of several countries and has been resolved to some extent through judicial pronouncements. However, a universal and effective mechanism is yet to be done on the issue. In this backdrop, the article discusses the various circumstances in which intermediaries are held accountable for copyright infringement along with exemptions. It also compares the legal framework existing in India and Germany on Liability of intermediates.


Copyright, Infringement, Intermediaries, Internet Service Provider, Liability


Technology has played a major role in improving human life. On one hand, it has made human life more quick, easy and comfortable, whereas on the other hand it has also raised new problems in the name of financial crimes through Internet or infringing one’s intellectual property rights. The term ‘Intellectual Property Right’ (hereinafter referred as “IPR”) encompasses within itself patents, copyrights, trademarks, geographical indications and newer forms of intellectual properties such as trade secrets (also known as confidential information) and traditional knowledge. However, in this article the term IPR would be used strictly in the sense of ‘Copyright’.

Copyright, as a form of IP, incentivizes creativity by awarding exclusive rights and enables access to copyrighted works by ensuring that certain exceptions are in place. Intermediaries are paramount in this process as they facilitate the dissemination of copyrighted works. (Kulk, 2019). Thus, on one hand, Internet has helped holders of Intellectual Property (hereinafter referred as “IP”) to disseminate and communicate their works to a larger audience, as in case of books, cinematograph films and music. The same Internet has also created an entirely new set of problems for intellectual property holders as it allows any anonymous and invisible pirate to copy and disseminate instantaneously anything that is available on the Internet. (Raman Mittal, 2004). This instant dissemination along with the technology to create an exact duplicate of a work, has caused immense losses to the copyright holders and authors.

In order to protect the IP holders from the mass infringement on the Internet of their works, it becomes imperative to make someone accountable for the infringement. The easiest and the most convenient answer, from the perspective of the IP holder is, to sue the Internet Service Providers (hereinafter referred as “ISPs”). This is based on the consideration that ISPs are the ones who are responsible for policing the Internet. Alternatively, it is also argued that ISPs have no role to play in the infringement and hence, should not be held liable. This view is based on the argument which considers ISPs as passive carriers of information and holding them liable for infringement would raise questions on the growth of Internet and jeopardize its very existence. Though Internet has been in existence for more than three decades, but still the questions regarding the liability of ISPs has been the subject of controversy with diverging opinions from each legal regime.

In this backdrop, the present paper seeks to analyze:

• The meaning of ISPs and their role in the Internet process

• The types of liability of ISPs in copyright infringement

• The Indian and German approaches for determining the liability of ISPs

• The judicial framework existing in above countries on liability of ISPs and to draw concluding remarks and make suggestions to improve the interaction between copyright law and Internet.

The present paper is divided into Six Parts. Part 1 deals with Introduction which provides a brief overview regarding the topic. Part 2 covers the definition of the term ‘Intermediaries’ along with the arguments favouring and limiting the liability of ISPs. Part 3 discuss the various approaches to determine the liability of ISPs. Part 4 discuss the types of liability of ISPs in copyright infringement. Part 5 discusses the legislative framework and judicial jurisprudence existing on the liability of ISPs in India and Germany. Part 6 presents the concluding remarks and suggestions.

Meaning of Intermediaries

The research paper, in relation to liability for copyright infringement, uses the terminology ‘Intermediaries’ in preference to other terms such as ‘Internet Service Provider’ or ‘Information Society Service Providers’. However, all these terms are used interchangeably in various jurisdictions. In a general sense, ‘intermediary’ means anything which supplies infrastructure and tools for electronic communications, thereby, encompassing internet service providers, website operators, hosts, data centers, social networks, media platforms, search engines, app developers, online marketplaces, app stores among others.

Even though from the perspectives of International regime and the national laws on copyright, it is clear that most of them agree on the liability of intermediaries for copyright infringement. But there seems to be a cloud of doubt and confusion amongst the countries regarding the definition and scope of the term. For example, in a case intermediary was described as ‘intermediate computer servers between a web-server and an end-user1, whereas in another case internet intermediaries were considered same as postal services2 Intermediaries have been termed as an “unhappy abstraction”. As already mentioned, the term covers various entities – the only common element being use of electronic computer networks.

On the other hand, the Organisation for Economic Cooperation and Development (“OECD”) proposes a more specific, category-based definition framed in terms of facilitation by intermediaries:

‘Internet intermediaries’ bring together or facilitate transactions between third parties on the Internet. They give access to, host, transmit and index content, products and services originated by third parties on the Internet or provide Internet-based services to third parties3

OECD identifies the following entities as Intermediaries:

i. Internet access and service providers (ISPs)

ii. Data processing and web hosting providers, including domain name registrars

iii. Internet search engines and portals

iv. E-commerce intermediaries, where these platforms do not take title to the goods being sold

v. Internet payment systems, and

vi. Participative networking platforms, which include Internet publishing and broadcasting platforms that do not themselves create or own the content being published or broadcast.

Alternatively, the Electronic Commerce (EC Directive) Regulations 2002 uses the term ‘information society service provider’ and defines it as “any service normally provided for remuneration, at a distance, by electronic means and at the individual request of a recipient of services”.4

Some of the examples of entities which can be covered within the definition as provided under the Directive are as follows:

(a) Selling goods online (but not their delivery or provision offline);5

(b) Operating an online marketplace;6

(c) ISPS or any transmission of information via a communication network;7

(d) Providing access to a communication network;8

(e) Hosting information provided by a recipient of the service;9

(f) Point-to-point transmission;

(g) Video-on-demand services and media-sharing platforms;10and

(h) Email or equivalent individual communications, when used commercially.

Though the above-mentioned definitions vary in their scope and application, but it does not discount the fact that the ‘Internet Intermediaries’ or ‘Information Society Service Providers’ should be held accountable for copyright infringement.

Another approach to define and understand Intermediaries is by understanding the role of service providers in making copyrighted work available to end users. Any person who is interested in making available his work to public through Internet will necessarily have to upload the content in the form of web pages onto his website. Technically, the content shown on the web pages is physically located on the host’s server i.e., a very large hard disk that is directly accessible from the network. The uploaded work becomes available to all those connected to Internet – obviously through an access provider. The uploaded work is transmitted from host to end-user by the infrastructure of a network provider who apart from providing the physical facilities to transport a signal, will also transmit and route it to the designated recipient (Verma, 2001).

From the above, it is clear that the word ‘Internet Service Providers’ or ‘Internet Intermediaries’ includes – the originator of the information from whom the information flows, access provider, who makes access to the information possible, network provider who transports information and the end user.

There is no cloud of doubt existing on the liability of the Service Providers for providing access and publishing online copyright infringing materials. But the problem lies in identifying or locating the originator as Internet allows publishing on a web page from any part of the world and that too, anonymously. This creates problem in determining jurisdiction and the choice of law under which the ISPs should be tried.

As every criminal activity, has a perpetrator, the same holds true for online criminal activities. On one hand, copyright holders are in favour of placing the liability of copyright infringement on the ISPs, but on the other hand, ISPs have defended their liability on the ground of ‘passive carriers’ of information. Based on these, the researchers put forward the various arguments for holding the liability and limiting the liability of ISPS.

Arguments for holding ISPs liable for Copyright Infringement Perpetrated by Third Parties

The following are the arguments for holding the ISPs liable for online copyright infringement:

• Often, in cases of online copyright infringement the perpetrators/infringers are anonymous and usually untraceable. The ISP is identifiable and locatable and most often situated in the same jurisdiction (V.K. Unni, 2001). Thus, it is considered feasible to hold them accountable rather than locating the culprits. (Diane & Elizabeth, 2005)

• The ISPs are more lucrative targets for litigation than the originator of the offending information content. The offender may not have adequate resources to pay heavy damages whereas the ISPs can pay compensation from their share of profits to the copyright holder or owner.

• ISPs are in a supervisory position as far as policing the activities on the Internet is concerned. ISPs can, suo motu, provide warnings to the infringer/perpetrators or close down the Internet access of such individual. Thus, to create a deterrent effect on infringers, ISPs should be held liable. (Ryder, 2001).

Arguments for limiting the Liability of ISPS

The following arguments are presented favoring to limit the liability of ISPs:

• ISPs argue that they are merely ‘passive carriers’ and ‘mere conduits of information’. It is hence argued that ISP’s role is only that of a messenger or mediator and not a publisher. Thus, merely providing the means to accomplish an infringing activity would not suffice without constructive knowledge of the infringing activity or with no intervention made by the ISP (Osborne, 2009).

• With the enormous amount of content and data available on the Internet, it is highly impractical to expect ISPs to determine which content is lawfully reproduced and which is unlawfully distributed that is, copyright infringed. As already mentioned, the ISPs only offer an opportunity to publish and are unable to exercise any influence on, or what people say on Internet.11

Approaches to Determine Liability of ISPS

Generally, the liability of ISPs may arise in a variety of legal fields, such as tort law, criminal law, trade secret law, copyright law, trademark law, unfair competition law, etc. Several countries have tried to analyze the liability of ISPs in disseminating third party content – usually bringing relevant provisions of Criminal Law, Information Technology Law or Copyright Law. These statutes tackle the issue of the liability of ISPs adopting either of the following approaches:

• Horizontal Approach

• Non-Horizontal Approach.

The former covers not only copyright infringement but also all other potential areas of law where liability of ISPs might arise – fixing the liability regardless of the grounds for illegality of the transmitted material. Whereas, the latter determines the potential liability of ISPs under each law where it might arise.

Horizontal Approach

This approach functions through the filtering mechanism or deduction method. The liability of ISPs, under this approach, is determined at one place in a single statute. The first step under this approach is to decide the liability of the ISPs according to the provisions of law related to the conduct of the ISP in question. This means that if an ISP is accused of defamation, such entity shall be tried as per the defamation laws. Similarly, if an ISP is accused of copyright infringement, it shall be dealt under the relevant copyright legislation at the national level. The second step is, after the ISP is held guilty under the relevant laws, that the ISP’s liability shall be ‘screened’ or ‘filtered’ through the exemptions granted to the ISPs under the specific provisions created under the relevant legislation. This approach is applied to determine liability of ISPs in Germany, Sweden, Japan, etc.

Non-Horizontal Approach

Under this approach, the potential liability of ISPs is determined under each law where it might arise. For example, adopting non-horizontal approach the copyright statute would address ISP liability that might arise only in relation to copyright violations. Countries like Hungary, Ireland, Singapore and USA have implemented this approach. The researchers would discuss the approach of USA in detail.

In USA, Section 512 of the Digital Millennium Copyright Act (hereinafter referred as “DMCA”)12establishes ‘safe harbours’ to shelter ISPs from liability for copyright infringement in certain circumstances.

Though the DMCA does not define when an ISP is liable for copyright infringement, it certainly lays down guidelines with respect to online copyright infringement. Further, it specifically states four circumstances where ISPs are exempt from liability for damages, which are:

• Transitory digital network communications

• System caching

• Storing information on systems or networks at direction of users; and

• Information location tools.

However, these limitations would apply only when the ISP is merely acting as a ‘passive conduit’ for the information; without being the producer of the information; and has responded expeditiously in removing or disabling access to the infringing content upon notice from the copyright holder. This is known as the ‘Notice and Take Down’ provision.

Types of Liability of ISPs in Copyright Infringement

The liability of intermediaries is characterized by a fragmentation of terminology and confusion as to the underlying basis of legal remedies. This risk of confusion is even greater when claims lie at the margins of existing doctrines, or seek to apply those doctrines to new technologies or wrongdoing. For clarity and consistency, the researchers define the terminologies of ‘primary’, ‘secondary’, and ‘injunctive’ liability to classify the kinds of legal duties which may imposed upon intermediates.

Primary Liability

Primary liability arises where a defendant is a primary wrongdoer. In other words, where a person engages in tortious activity by his or her own acts or omissions, and that activity is not excused or otherwise rendered lawful. This kind of liability ordinarily arises for breaches of legal and equitable duties. Primary wrongdoers have by their own conduct satisfied the elements of a cause of action. But the scope of their liability and the available remedies depend on the type of wrongdoing in question.

The outer limits of primary liability are defined by two sources:

1. The legal definitions of the elements constituting the cause of action in question, and

2. General doctrines which augment or limit the scope of liability, such as joint tortfeasorship, contribution, and safe harbors.

However, there exists a sense of confusion as liability as a joint tortfeasor is said to be primary in the sense of being joint and several with all other wrongdoers, yet secondary in the more technical sense that it concerns ‘liability for the act of another’.13 There are numerous examples of legal doctrines in which a defendant’s participation in wrongdoing by third parties may give rise to primary liability, yet still depends in some way on the wrongdoing of another.

Some examples of primary liability of the Internet Intermediaries are in the areas of defamation, trade mark infringement, breach of confidence, misuse of private information, breach of data protection, and miscellaneous civil and criminal wrongs (Riordan, 2016).However, wider treatment of the doctrines and remedies in each of these areas is left to specialist works.

Secondary Liability

Secondary liability is liability which is preconditioned at finding at least a primafacie wrongdoing by a third party. A secondary wrongdoer faces liability either because they have causally contributed to wrongdoing by someone else to a degree recognized as legally culpable, or because they stand in a recognized relation to the primary wrongdoer, as in the relationship of employer or principal. . For example, liability for authorizing copyright infringement requires proof of actual infringement by the party so authorized.

Secondary wrongdoers are sometimes described as ‘accessories’ and their secondary liability is sometimes also referred to as ‘accessory liability’.14 Although both terms are valid and have found widespread acceptance, the non-primary liability of intermediaries is described by the researchers by the terminology ‘secondary liability’ - in order to distinguish it from criminal secondary liability and to encompass forms of secondary liability (such as vicarious liability) in which it is difficult to describe the secondary party as someone who acts as an accessory to wrongdoing.

According to Lord Hoffmann, Secondary Liability is the ‘principles of liability for the act of another’. Lord Nicholls described it as ‘civil liability which is secondary in the sense that it is secondary, or supplemental, to that of the third party who committed [the primary tort]’.

Relationship of Secondary Liability with Primary Liability

Secondary liability begins where primary liability ends. As such, the scope of secondary liability is intrinsically linked to the scope of primary liability. The wider the definition of the primary wrong, the less need there is for doctrines of secondary liability to be invoked and the narrower their field of operation. The limits of secondary liability are to some extent fluid but delimited by reference to recognized connecting factors, such as doctrines of procurement, common design, authorization, and (in equity) dishonest assistance. Many cases involving primary and secondary intermediaries require careful scrutiny. The best illustration highlighting the relationship between primary and secondary liability can be found in the UK Patents Act, 1977 which creates a statutory tort of contributory infringement targeting secondary wrongdoing but does not always require primary infringement, and is therefore an example of primary liability (Patents Act, 1970). Similarly, unlawful conspiracy is primary not secondary liability, since its gist is concurrence and not primary wrongdoing.15 Secondary liability is thus closely related to the definition of a primary wrong, whose boundaries can be adjusted to encompass a wider or narrower range of conduct within it.

Position of Internet Intermediaries in India and Germany - Legislative and Judicial Trends

Position in India

In India, the law pertaining to Intermediaries is well defined. The Indian Information Technology Act, 2000 (hereinafter referred as “IT Act”) as amended has not only given a legal definition to the term “Intermediary” but has also stipulated the rights, duties and obligations of intermediaries.

Section 2(1)(w) of the amended Information Technology Act, 2000 defines the term “intermediary” in the widest possible terms in the following manner "Intermediary" with respect to any particular electronic records, means any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web hosting service providers, search engines, online payment sites, online-auction sites, online market places and cyber cafes.”

Thus, ‘any legal entity who on behalf of another person, receives, stores or transmit any particular electronic record or provides any service with respect to that record including network service providers, websites and online marketplaces have been brought within the ambit of the term “intermediary” under Section 2(1)(w) of the amended Information Technology Act, 2000. The law relating to Intermediaries is elaborated in Section 79 of the Information Technology Act 2000.

Section 79 of the Information Technology Act 2000 is possibly one of the most important and significant provisions under the Indian Cyberlaw. Section 79 of the Information Technology Act, 2000 as amended reads as under.

Section 79 – Exemption from Liability of Intermediary in Certain Cases

1. Notwithstanding anything contained in any law for the time being in force but subject to the provisions of sub-sections

2. An intermediary shall not be liable for any third-party information, data, or communication link made available or hosted by him.

3. The provisions of sub-section

(1) shall apply if

(a) the function of the intermediary is limited to providing access to a communication system over which information made available by third parties is transmitted or temporarily stored; or hosted.

(b) The intermediary does not-

(i) initiate the transmission,

(ii) select the receiver of the transmission, and

(iii) select or modify the information contained in the transmission

(c) The intermediary observes due diligence while discharging his duties under this Act and also observes such other guidelines as the Central Government may prescribe in this behalf.

(3) The provisions of sub-section (1) shall not apply if-

(a) The intermediary has conspired or abetted or aided or induced, whether by threats or promise or otherwise in the commission of the unlawful act.

(b) upon receiving actual knowledge, or on being notified by the appropriate Government or its agency that any information, data or communication link residing in or connected to a computer resource controlled by the intermediary is being used to commit the unlawful act, the intermediary fails to expeditiously remove or disable access to that material on that resource without vitiating the evidence in any manner.”

Explanation- For the purpose of this section, the expression “third party information” means any information dealt with by an intermediary in his capacity as an intermediary.”

From the above provision, it is clear that Section 79 is a self-contained code. The said Section has since been completely replaced by a new language by virtue of the Information Technology (Amendment) Act, 2008. Before the researchers examine the legal position pertaining to liability of intermediary, it is important to have a historical perspective of how the Information Technology Act has dealt with the said subject since the year 2000. Prior to moving forward and discussing the provisions of Section 79 of the Information Technology Act 2000 as amended, it is imperative to have a look as to what was the colour and nature of the language of Section 79 under the Information Technology Act 2000, prior to the amendments. Section 79 of the original Information Technology Act, 2000 stated as follows:

Network Service Providers not to be Liable in Certain Cases.

For the removal of doubts, it is hereby declared that no person providing any service as a network service provider shall be liable under this Act, rules or regulations made thereunder for any third-party information or data made available by him if he proves that the offence or contravention was committed without his knowledge or that he had exercised all due diligence to prevent the commission of such offence or contravention. Explanation. For the purposes of this section.

(a) “Network service provider” means an intermediary;

(b) “Third party information” means any information dealt with by a network service provider in his capacity as an intermediary.”

The pre-amended provision presumed that the network service providers shall be liable in a majority of cases and would not be liable only in certain specified cases. This can be made out from the words “for the removal of doubts” in the provision. Section 79 was, thus, in the nature of a clarificatory section.Further, the term "Network Service Provider" not only included Internet Service Providers but also, all other intermediaries who were in the business of network service providing. This explanation further expanded the scope of "network service provider to include even those categories of providers, who, technically and practically may not be conceived to be network service providers, but who were deemed to be network service providers by means of their being intermediaries.

Explanation (b) to Section 79, explained the term "third party information" to mean any information dealt with by a network service provider in his capacity as an intermediary. This third-party information must necessarily originate from an independent source and is aimed at a distinct destination. Thus, a network service provider was absolutely made liable for information providing any third party or data made available by him on his service. Only in two specified conditions was the concerned network service provider not made liable.

The first excepted condition detailed under the then Section 79 was that if a network service provider was able to prove that the offence or contravention was committed without his knowledge, in that case, the network service provider shall not be liable for any third-party data or information made available by him on his service. Section 79 used the word "knowledge" which meant legal knowledge. The network service provider had to prove his lack of knowledge of the concerned offence or contravention. The law did not give any parameters as to how and in what particular manner, the network service provider was supposed to prove his lack of knowledge of the offence or contravention. Ordinarily, the lack of knowledge can be proved either by circumstantial or by specific direct evidence. It is also true that in a majority of cases, direct evidence about lack of knowledge is not forthcoming.

The second excepted condition under Section 79 of the Information Technology Act, 2000 stated that, if a network service provider proved that he had exercised all due diligence to prevent the commission of such offence or contravention, he shall not be liable for any third-party data or information made available by him on his service. However, the problem with the exemption is as to how the excepted condition could be proved by a network service provider, in legal proceedings before a court of law.

One of the first cases pertaining to the liability of network service providers was the BANK NSP CASE. In the said case, a bank employee had used the bank’s network, for the purposes of sending defamatory and derogatory email. The Bank was sued in its capacity as a network service provider and intermediary. In the said case for the first time the Delhi High Court had passed orders against the bank in its capacity as the intermediary relying upon the requirements of Section 79 of the Information Technology Act, 2000.

Section 79 of the Information Technology Act, 2000 came into sharp focus in the mid-2000s when the case took place.16 case originated from the famous DPS MMS which showed a schoolgirl giving oral sex to her classmate. The said MMS was recorded on a phone and was initially meant for private circulation. However, it leaked out in the public domain. A student at IIT Kharagpur tried to monetize the said DPS MMS by posting a post on the online auction portal The said post offered to sell the said DPS MMS for consideration. Due to the said post, a number of downloads were made by people. In that case, the CEO of was arrested on the grounds that was an intermediary and network service provider.The CEO of was subsequently released and charge sheet filed. The charge sheet was sought to be quashed by filing a petition before the Delhi High Court. The Delhi High Court dismissed the petition.

The Delhi High Court held that in its capacity as the intermediary had failed to exercise diligence since its filters were faulty and allowed content that was pornographic in nature to pass through, despite the listing itself having of same content and further the said website in its capacity as the intermediary did not account for any changes in its policy to tackle with the possibility of such content being listed on its website in the future. The Delhi High Court had held as follows:-

“Investigation proves that the MD of, who exercised control over the day to day functioning of the organization did not exercise due diligence to prevent the listing of the said obscene and lascivious clipping. The investigation reveals that the policies and conduct of its MD was designed to increase sale and maximize profits. The investigations found that the policy makers of the company were negligent in dealing with the matter and failed to exercise due diligence.”

With the mounting pressure from the Indian corporate sector and the infamous 2008 Mumbai attacks, necessitated the Government to plunge into action. The major contention was the broad and subjective interpretations of Section 79 of the IT Act, 2000.

Subsequently, the Indian Parliament amended Section 79 of the IT Act.17 The Amendment substituted the word ‘network service provider’ to ‘intermediaries’ thereby bringing within its scope not only ‘network service providers’ but all kinds of service providers including telecom service providers, network service providers, internet service providers, web hosting service providers, search engines, online payment sites, online-auction sites, online market places and cyber cafes.18

Though the IT Act does not define the term ‘due diligence’ but the same is expected from the intermediaries not only while discharging their obligations but while following other guidelines as laid down in the Act. Further, Rule 3 of the Information Technology (Intermediaries Guidelines) Rules, 2011 (hereinafter referred as “Intermediary Guidelines”) details out the standards required for ‘due diligence’. Sub-rule (2) of Rule 3 requires intermediaries to inform the users about the prohibition to host, display, upload, modify, publish, update or share any information which is defamatory or obscene, invades by the privacy hates speech, integrates money laundering or other illegal or harmful content to minors, infringes intellectual property, violates law ,communicates grossly offensive or menacing message or spoofing, phishing, impersonation, vires or other worms to damage a computer resource or threaten unity, integrity, defense, security or sovereignty of India, friendly relations with foreign states or public order or incitement to commission of any cognizable offence or prevents any investigation of any offense. The guidelines also make it mandatory for every Intermediary to publish on its websites the privacy policy and terms of use. Rule 3(4) states that on receiving actual knowledge of a complaint from an affected party in writing, an Intermediary ought to have disabled such content within 36 hours of receipt of such notice. However, mere transient of information with no human editorial control or removal of objectionable information on actual knowledge will not render an Intermediary liable.

Even the Indian judiciary has interpreted the liability of intermediaries through various judgments. However, the researchers have included only those case laws which raise issues of liability of intermediaries in copyright infringement cases.

In the landmark case of Super Cassettes Industries v. MySpace Inc. 19 the Plaintiff filed a suit for permanent injunction restraining copyright infringement and claim for damages against Defendant No. 1, a social networking website wherein the users could share pirated copyrighted materials, images, videos at its location in United States of America. The Plaintiff contended that the Defendant made available infringing songs, pictures that users copy and share over Internet but also material which is not yet been released officially on other authorized channels. The Defendant claimed exclusion under Section 79 of the I.T. Act being an Intermediary on the ground that it had no knowledge or control over third party materials posted on its websites and had exercised due diligence. The court held that Section 79 (2) (a) of the IT Act were not satisfied as the Defendant not only provided access communication system where the third-party information is stored, transmitted or hosted but also added advertisements to the said information thereby modifying the work which means it offered its platform as the place for profit with knowledge. The court took the view that the Defendants’ action did not satisfy the due diligence and the criteria of no modification of information to claim exclusion of liability. The court observed that the Defendants took limited license to amend their content from its users and the Defendants thus had “the chance to keep a check on the works”. The court further held as follows:

“The defendants have sufficient means to modify the work by taking licenses from the users, adding advertisements to the works of the plaintiff. Consequently, the effective means for pre infringement enquires are also necessarily have to be performed by the defendants only. If the defendants state that there no means to do so due to some impossibility, the defendants must take preliminary measures at the time of modification of the works and prior to making them available to the public so as to ensure that the same does not infringe any one’s copyright. In other words, the court was of the view that defendants had ability to control and had reserved rights to control, did in fact monitor content so it should filter infringing materials as matter of pre infringement due diligence and not later when it receives actual notice. This situation is different from those networks who do not modify any third-party content and simply provide access to internet or other service and fall within exclusion criteria in Section 79 of IT Act, 2000.”

Similarly, Section 79 of the IT Act would not apply to copyright infringement cases which is specifically excluded by Section 81 (Act to have overriding effect) of the Act. Further, where future infringements are sought to be prevented an action for permanent injunction is maintainable.20

Apart from the judicial support, one measure to curb copyright infringement is the graduated response system (popularly known as “Three Strike Model” or “Hadopi”). This system originated from France and is now being practiced in other countries. However, the application of the model in India is a bit doubtful. As the Constitution of India grants to all citizens the fundamental right to freedom of speech and expression, subject to certain ‘reasonable restrictions.’ The Supreme Court has held that this right includes a ‘right to…information, knowledge and entertainment’21 and that the ‘content of the rights…remains the same whatever the means of communication including internet communication’.22 This means that the right to access information and entertainment through Internet is a fundamental right. However, the graduated response system would not find much support and appreciation in India as the Internet is still considered as a ‘luxury’ rather than a ‘necessity’. Rather than the graduated response system, the right holders have preferred other protection measures like website blocking orders or injunctions.

In 2019, adopting a ‘dynamic’ remedy granted in Disney Enterprises Inc. v. M1 Limited and Ors23 the Delhi High Court granted a ‘Dynamic Injunction’ whereby copyright-holders are not required to go through the ‘cumbersome’ process of a judicial order in order to issue blocking orders to ISPs. Instead, they can approach the Joint Registrar of the Delhi High Court to extend an injunction order already granted against a website, against a similar ‘mirror/redirect/alphanumeric’ website which contains the same content as the original website.24

Position in Germany

In this part, the researchers would analyse the framework existing in Germany on the liability of intermediaries. The researchers would first study the EU legal framework on intermediary liability and copyright law, and then analyse its application in Germany. It is worth mentioning here that the EU legal framework comprises of the whole body of legal sources of EU that are relevant to copyright law, the enforcement of copyrights, and the liability of intermediaries for copyright infringements. Firstly, the framework includes primary EU law, most notably the EU Charter of Fundamental Rights, which protects a set of fundamental rights that are also relevant for questions of copyright enforcement and intermediary liability. The framework further comprises of secondary EU law comprising of provisions on copyright law, the enforcement of copyrights, as well as on the liability of intermediaries. Finally, also the CJEU’s case law, in which the Court interprets the norms in the aforementioned sources of EU law, is considered to be part of the EU legal framework.

However, the EU legal framework would not be analyzed in isolation. Rather, they would be discussed side by side, along with the relevant directives and provisions. The directives provide rules that are relevant for both the intermediary’s primary and secondary liability for copyright infringements (Kulk, 2019). On one hand, the framework tries to harmonize rules of copyright law across EU member states but on the other hand, some aspects are unaddressed leaving the room for the member states to address.

The EU legal framework comprises of four directives – the Copyright Directive25the E-Commerce Directive26 the Enforcement Directive; and the Directive on Copyright in the Digital Single Market (hereinafter referred as “DSM Directive”).27

Copyright Directive of 2001

The need to update existing copyright law led to passing of the Copyright Directive which harmonized copyright law to ensure that EU Member States would uniformly respond to the challenges of new technologies. The first step towards protection of copyright law was in 1988 when the European Commission adopted the Green Paper on ‘Copyright Law and the Challenge of Technology’.28 The Commission pertinently pointed out the rise of production of information goods and services along with a crucial need for copyright protection.

In the White Paper on ‘Growth, Competitiveness and Employment’ published in 1993, the European Commission aimed to accelerate the development of new ‘information highways’ which can be paralleled with today’s Internet. Subsequently, the Bangemann Report of 1994 called for “to maintain a high level of intellectual property protection”. It suggested a re-examination of existing national and EU legal regimes in order to promote the development of new information products and services, and in particular ‘the ease with which digitized information can be transmitted, manipulated and adapted’ requiring new solutions to protect copyright owners.29

Apart from European Commission, at the International level, the World Intellectual Property Organization (herein after referred as “WIPO”) also raised concerns with the increasing penetration of new technologies.

Subsequently, in December 1996, two new treaties were concluded at WIPO: the WIPO Copyright Treaty (WCT) and the WIPO Performances and Phonograms Treaty (WPPT). The object of these treaties was to update and improve the protection of the already existing copyright and related rights treaties. It also specified two new types of copyrightable subject matter: computer software and databases.30 It also contains provisions on the scope of the distribution right, the rental right, and the right of communication to the public. The Treaty also introduced rules on technological protection measures in order to give copyright owners more control over the digital use of their materials.31

The technological changes saw a wide shift in the late 1990s when newer technologies like Wireless Application Protocol (WAP), Universal Mobile Telephone Systems (UMTS), broadband, interactive television, etc. made the legislators reconsider the existing legislations and to quickly adopt the directives addressing the challenges faced by the rise of Internet.

DSM Directive, 2019

In 2015, the European Commission planned to foster the ‘Digital Single Market’ – a market which enables consumers to enjoy cross-border access to digital services, providing for a level playing field for companies, and which creates the conditions for a vibrant digital economy and society. The object was to reduce the difference between national copyright laws and to further harmonize the EU legal framework on copyright law.32

The EU legal system, on one hand, provides exemptions to intermediaries for infringements, but on the other hand, it also recognizes the responsibility of intermediaries to stop or prevent copyright infringements of others. Firstly, Article 8 (3) of the Copyright Directive grants a power to apply for an injunction against an intermediary if the intermediary’s service is used by others for infringement. The provision enables the copyright owners to hold intermediaries responsible even if such intermediaries are not involved (directly/indirectly) in the infringement of their copyright. The requirement of ‘knowledge’, however, is not essential which is evident from the language of the provision. Further, the Directive provides for the responsibilities of intermediaries. Article 11 requires that that injunctive relief should be available to copyright owners and also requires Member States to ensure that right holders are in a position to apply for an injunction against intermediaries whose services are used by a third party to infringe an intellectual property right.

Even though the EU Directives specifically leave it to the Member States to decide the conditions for imposing injunctions, it provides the general requirements for granting injunctions.

As per Article 8 (1) of the Copyright Directive, sanctions and remedies should be ‘effective, proportionate and dissuasive’. Article 3 of the Enforcement Directive provides for a more extensive set of criteria and requires that enforcement measures should ‘be fair and equitable and shall not be unnecessarily complicated or costly, or entail unreasonable time-limits or unwarranted delays’. Moreover, they should be ‘effective, proportionate and dissuasive and shall be applied in such a manner as to avoid the creation of barriers to legitimate trade and to provide for safeguards against their abuse’.

However, it is unclear whether the requirements in the Enforcement Directive, dealing with intellectual property enforcement in general, also hold good for copyright infringements. From a conjoint reading of Article 8 (3) with Article 11, it is clear that in no way the former affects the possibility of copyright owners to apply for an injunction as provided in the latter. The CJEU has referred to the conditions as provided in the Enforcement Directive while deciding few case laws.33

Thus, the directives, by not specifying the conditions under which injunctions must necessarily be issued by Member States have set only the outer framework, leaving the details to be filled by the Members. This, in turn, has left a room for interpretations and discussions for the Member States.

The EU Charter of Fundamental Rights, however, plays a key role in shaping the intermediary’s responsibility at the EU level. The fundamental rights enshrined in the Charter are employed by the CJEU to further specify what can be expected from intermediaries. The CJEU’s decision in Promusicae34 was instrumental in recognizing that the field of intermediary liability is at the crossroads of the fundamental rights of copyright owners, intermediaries, and users.

Promusicae dealt with the release of subscriber data by access providers. These subscribers shared music files in peer-to-peer networks. The release of such identifying data enabled copyright owners to enforce their rights against infringing users.

The issue which came up for consideration before the CJEU was whether the Member States require to oblige access providers to release data about subscribers. The CJEU found that no such obligation exists under secondary EU law. With the protection by the EU Charter of subscriber’s right to property and right to privacy, the CJEU devised a formula requiring Member States to implement EU law in such manner which allows a fair balance between different fundamental rights:

The Member States must, when transposing the directives mentioned above, take care to rely on an interpretation of the directives which allows a fair balance to be struck between the various fundamental rights protected by the Community legal order. Further, when implementing the measures transposing those directives, the authorities and courts of the Member States must not only interpret their national law in a manner consistent with those directives but also make sure that they do not rely on an interpretation of them which would be in conflict with those fundamental rights or with the other general principles of Community law, such as the principle of proportionality.

The CJEU reiterated the ‘fair balance’ rule, and also identified the relevant fundamental rights: the right to the protection of intellectual property, the freedom to conduct a business, and the Internet user’s right to freedom of information. The CJEU further observed that the injunction restricted the access provider’s freedom to conduct a business, the injunction did not require unreasonable sacrifices to be made allowing the access provider to avoid liability by proving that it took all ‘reasonable measures’. However, the interpretation of the term ‘reasonable measures’ is discretionary without much boundaries.

The CJEU further held that cessation of infringement is not required for the injunction to strike a fair balance. In choosing a measure, the access provider must ensure ‘compliance with the fundamental right of internet users to freedom of information’. The CJEU held that the injunction must be strictly targeted, in the sense that it would have to end copyright infringements. If the measure would affect the user’s access to lawful information, the ‘provider’s interference in the freedom of information of those users would be unjustified in the light of the objective pursued’.

Under the German law, an intermediary can be held liable either for its own copyright infringement or through the application of the Störerhaftung doctrine. Article 97 (1) of the German Copyright Act provides the basis for injunctive relief against copyright infringers. Anyone who infringes a copyright can be ordered to terminate that infringement. But if there exists a risk of a subsequent infringement, then the infringer can be asked to cease and desist further infringements. Thus, the German law essentially distinguishes between liability for one’s own information and non-liability for the information of others. This distinction clearly demarcates separates content providers who are fully liable for the information they publish, from intermediary service providers who only store or transmit the information of others and whose liability is limited. However, an intermediary can still be held liable for information that was initially provided by others if the intermediary makes that information its own.

A potential infringer who has not yet infringed can also be subject to injunctions. Preventive injunctions may be issued against those who have infringed and who may infringe again, but also those who have not yet infringed but are likely to do so in the future. Article 97(2) of the German Copyright Act, thus, enables copyright owners to claim compensation for damage caused by the copyright infringement.

It is pertinent to pint out here that Article 7 (1) of the Telemedia Act provides that service providers are responsible for their own information, that they make available for use. For example, a news website publishing defamatory statements is fully liable for that information because it makes its own information available. However, in practice, no intermediary makes its own information available but merely offer access to information that is provided by others.

Thus, intermediaries which perform curatorial activities using the information of others can be liable for the information they add to the pre-existing information. If a search engine user, for example, enters keywords into the search engine’s input field, this function automatically suggests additional keywords or alternative queries. This information, as per Article 7 (1), is considered as the search engine operator’s own information. However, this does not essentially mean that the intermediary is liable. It merely conveys that the search engine’s conduct is not covered by the liability exemptions and it can be held liable under other laws.

On the other hand, information that was initially provided by someone else can become the intermediary’s own information if the intermediary makes the user-provided content its own. Where a website published recipes and photos of dishes that were provided by users of the website, it amounted to copyright infringement.35

However, where an intermediary like YouTube, which supports the materials uploaded by its users with additional functionalities, and makes a profit from its platform through advertising, does not make the user-uploaded videos its own and thus cannot be held liable as an infringer.


The law on liability of intermediaries is an evolving process. Its contours have been expanding with technologies and will continue with the emerging technologies. Social media platforms along with other platforms will not be able to operate independently if the intermediaries are held liable for the infringement done by the users.

The Indian law does not hold an intermediary liable unless there is an ‘actual knowledge’ with Intermediaries or the Intermediaries modify/select third party content and publish it. However, while doing so, it is essentially required to observe due diligence requirements and other conditions as stipulated in Section 79 of the IT Act, 2000.

On the other hand, the German law strictly follows the EU’s Copyright Directive. However, with the rise of video hosting platforms, as well as news search engines and aggregators, there is an increasing friction between intermediaries offering the above services and the owners of copyright. The German courts have tried to address this friction and have casted a duty on the video hosting platforms not only to remove the alleged content but also to monitor for further infringing materials. The German courts have extensively utilized the Störerhaftung which has been a flexible tool addressing not only traditional but also newer intermediaries.


    In Davision v. Habeeb [2011] EWHC 3031 (QB), [38] (HHJ Parkes QC)

    “It was held that ‘internet intermediaries’ and ‘postal services’ are both ‘simply conduits, or facilitators, enabling messages to be carried from one person, or one computer, to another’.

    Section 79: Exemption from Liability of Intermediary in certain cases

    (1) Notwithstanding anything contained in any law for the time being in force but subject to the provisions of sub-sections (2) and (3), an intermediary shall not be liable for any third party information, data, or communication link hosted by him. (corrected vide ITAA 2008)

    (2) The provisions of sub-section (1) shall apply if-

    (a) the function of the intermediary is limited to providing access to a communication system over which information made available by third parties is transmitted or temporarily stored; or

    (b) the intermediary does not-

    (i) initiate the transmission,

    (ii) select the receiver of the transmission, and

    (iii) select or modify the information contained in the transmission

    (c) the intermediary observes due diligence while discharging his duties under this Act and also observes such other guidelines as the Central Government may prescribe in this behalf (Inserted Vide ITAA 2008)

    (3) The provisions of sub-section (1) shall not apply if-

    (a) the intermediary has conspired or abetted or aided or induced whether by threats or promise or otherwise in the commission of the unlawful act (ITAA 2008)

    (b) upon receiving actual knowledge, or on being notified by the appropriate Government or its agency that any information, data or communication link residing in or connected to a computer resource controlled by the intermediary is being used to commit the unlawful act, the intermediary fails to expeditiously remove or disable access to that material on that resource without vitiating the evidence in any manner.

    Explanation:- For the purpose of this section, the expression "third party information" means any information dealt with by an intermediary in his capacity as an intermediary.

    Section 2 (1)(w): "Intermediary" with respect to any particular electronic records, means any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web hosting service providers, search engines, online payment sites, online-auction sites, online market places and cyber cafes.

Get the App