IPR IN CYBERSPACE

UNIT-III

Nithin Rajeev, Assistant Professor, IFIM Law

School
 Insert Image

EVOLUTION OF IP IN CYBERSPACDE

• With the mass increase in the use of cyber space, availability of content
(electronic form) across digital platforms increased by many folds; innovation
gave rise to the creation of original and novel content, and intellectual
property was disseminated overcoming all geographical boundaries.
• Cyberspace being a tool of access to data and resources, it expanded human
reaches towards global information. As a result, there developed an
undeniable relationship between cyberspace and IP.
• However, while on one hand, content of various kind including elements of
copyright, trademark and patent became easily available to one and all
across digital platforms, on the other, there arose instances of violation of
intellectual property owing to theft of such content which in turn resulted in
complications of piracy and infringement of the rights accruing from such
intellectual properties.
2
 Insert Image

• Consequently, the necessity of protecting digital content was acknowledged,

and accordingly, the legal framework of Cyber Law was established to
address all concerns of misuse and misappropriation of intellectual property
on cyberspace.
• Intellectual property is fundamentally associated with territoriality, while
cyberspace cannot be restricted within territorial boundaries. As a result of
intellectual property being available on cyberspace, the inherent nature of
intellectual property underwent an evolution, thereby giving rise to newer
interpretations of both cyberspace and intellectual properties.

3
 Insert Image

COPYRIGHT IN CYBERSPACE
• Cyberspace provides to copyright law a platform to promote and channelize its
objectives and purposes, the most significant of which is to provide to the society
access to knowledge for establishing overall societal advancement.
• The intrinsic philosophy of copyright law is aimed at fostering creativity and
innovation which the copyright owner and/or holder may subject to commercial
exploitation; and cyberspace served as the perfect medium for fulfilling such
purposes.
• Not only does the internet eliminate all distinction between private and public use,
but it also creates complications towards the interpretation of use of copyrighted
materials thereby diluting the grounds of copyright infringement.
• The fundamentals of the copyright law state that infringement shall be deemed to
have occurred if the exclusive rights of the copyright owner are exercised without
express authorization of the owner or right-holder. Since the copyright law validates
the use and/or reproduction of copyrighted material for personal/private use, it is
essential to understand whether copyrighted content has been subjected to private
use or not for determining the occurrence of infringement
4
 Insert Image

• Copyright compliance in cyberspace is hampered by the use of computers, the

internet, and streaming, copying, copy-cutpaste, deep linking, and peer-to-peer
file sharing.
• The Indian Copyright Act, which was first enacted in 1957. The Act hasbeen
amended five times since its enactment i.e., in 1983, 1984, 1992, 1994, 1999 and
2012.
• The Copyright (Amendment) Act, 2012 is the most substantial and in alignment
with digital transformation in general ad internet in particular. The Copyright Act
is now considered a piece of law, and the general outlook is that the revised Act
will be able to withstand copyright problems arising from emerging technology,
particularly those arising from the Internet.
• The Act has adapted to the modern age by dropping some limiting clauses and
phrases and extending the meanings of works like cinematograph films (motion
pictures) and sound recordings (phonograms) to allow certain works in “any
format” within their purview. It does not, however, cover all facets of the digital
problems that are now surfacing.
• The great majority of user-generated material on social networking platforms is
classified as one of four types of works: (1) texts, (2) images, (3) music
recordings, or (4) videos.
5
 Insert Image

FAIR USE IN CYBERSPACE

• There are four non-exclusive factors for courts to consider in determining whether any
particular use is a fair use and thus not an infringement of copyright. The four factors
are:
• 1. the purpose and character of the use, including whether such use is of a commercial
nature or is for non-profit educational purposes;
• 2. the nature of the copyrighted work;
• 3. the amount and substantiality of the portion used in relation to the copyrighted work
as a whole; and
• 4. the effect of the use upon the potential market for or value of the copyrighted work
• In the case of influencers, the line between commercial and non-commercial is difficult
to draw because some may be able to demonstrate that their content is for genuine
criticism or review, whereas in other cases, there may be a promotion of another
product or brand alongside the criticism of the copyright owner's brand, which then
becomes a commercial activity
6
 Insert Image

• Kelly v Arriba Soft Corp the plaintiff, Leslie Kelly, a professional photographer
who had copyrighted many of his images of the American West. Some of these
images were located on Kelly’s website or other websites with which Kelly had
license agreement.
• The defendant, Arriba Soft Corp. operated an Internet search engine that
displayed its results in the form of small pictures rather than the more usual
form of text.
• Arriba obtained its database of pictures by copying images from other websites.
By clicking on one of these small pictures, called ‘thumbnails’, the user could
view a large version of that same picture within the context of the Arriba web
page.
• The circuit court held that “the creation and the use of the thumbnails in the
search engine is a fair use, but the display of the larger image is a violation of
Kelly’s exclusive right to publicly display his works.

7
 Insert Image

TRADEMARK AND CYBERSPACE

• Evolution of cyberspace has given rise to ample scope of misuse of such

trademarks by unauthorized parties which in turn has resulted in misleading
consumers and violating the rights of the original trademarks.
• Domain names have become a kind of ‘e-commerce marks’ in the online
medium. These are digital business addresses – a point of business contact or
transaction. Domain names provide a system of easy-to-remember Internet
addresses, which can be translated by the Domain Name System (DNS) into the
numeric addresses (Internet Protocol (IP) numbers) used by the network.
• The inter-relationship between trademarks and cyberspace was developed in
exclusive association with the concept of domain names. In simple words,
domain names represent the IP address used in surfing the world wide web. It is
owing to use of domain names on cyberspace that the strictly territorial nature
of trademarks has now broadened to become global.

8
 Insert Image

9
 Insert Image

• While on one hand such domain names may refer to internet based digital
platforms associated with certain goods and/or services and in turn
substantiate the commercial prospects of online businesses, on the other, they
would be indicative of the identity, goodwill and quality complimenting such
goods and/or services.
• Evidently, misappropriation of domain names could not only cause immense
damage to the business of infringed chain of goods/services, they could
completely destroy the goodwill associated with such brands which may have
taken ages to build
• Additionally, domain name registrations being done on a ‘first come first
served’ basis, there are various instances of fraudulent registration of domain
names whereby the party registering, in spite of having no legitimate interest
in the brand, deliberately infringed the rights of the original trademark owners
to acquire registration in an unauthorized manner.
• Infringement of trademarks through abuse of domain names on cyberspace is
hence a very serious concern for flourishing trades and businesses

10
 Insert Image

CYBERSQUATTING
• Cybersquatting, which literally means ‘sitting on another person’s property’,
may be described as instances of fraudulent use and misappropriation of
domain names which involve exploitation of online identities of brands that
result in violation of rights of the original right-owners.
• Cybersquatting often give rise to situations wherein parties who have no
legitimate rights in certain trademarks get domain names registered in their
names and subsequently sell those to the original owner or other parties at
exorbitant prices It may be done inter alia with the intent of preventing the
original owner of brands from having access to such domain names, diverting
the traffic off the cyberspace associated with the websites of competing brands,
and selling such domain names to earn profits.

11
 Insert Image

• In India, there is no statutory provision to prevent cybersquatting; however,

certain provisions of the Trademarks Act, 1999 are broad enough to address
such issues. Cybersquatting can be protected within the legal framework of
‘passing off’ which emerges from common law principle.
• Consequently, any person lodging a complaint against cybersquatting
necessarily involves the mandate of establishing the following –
• a) Dishonest intention of the fraudulent party
• b) Absence of legitimate rights being held by the fraudulent party
• c) Similarity between the domain name fraudulently registered and the
trademark owned by the authentic right-holder
• The first Indian case that extensively discussed issues of domain name disputes
visà-vis cybersquatting was Yahoo Inc. v Akash Arora (78(1999) DLT
285),wherein, the defendant contended having used a common dictionary
word and having provided a disclaimer in the website with the intention to
avoid confusion being created with the plaintiff’s website which was registered
in more than 69 countries. However, the court held that despite such
disclaimers,
12
there would be necessary associations made with the original
website of yahoo which was based in a well known and distinct trademark.
 Insert Image

• Subsequently, in the case of Tata Sons Ltd. &Anr.v. ArnoPalmen&Anr, the

Delhi High Court dealt with a landmark case on domain name disputes and
cybersquatting.
• The plaintiffs sought permanent injunctions against the defendant’s use of
the domain name ‘www.tatainfotech.in’ or such domain names deceptively
similar to the plaintiff’s registered trademark which, they alleged, had been
registered only with the intention of earning illegal gains by commercially
exploiting the same.
• The defendant however, argued that ‘Tata Infotech’ had been their trade
name since 1997, and claimed to have earned a goodwill in the trade owing
to a flourishing business.
• The court held that similarity in domain names could indeed result in
diversion of traffic across websites, and could even cause economic loss to
the registered right-holders of the original trademark owing to the outreach of
e-commerce and cyberspace.
• It was hence held that the impugned website had been registered with mala
fide intentions in bad faith with the sole objective of acquiring advantage
from exploitation of the plaintiff’s registered trademark.
13
 Insert Image

• There are also instances called ‘Reverse Domain Name Hijacking’, wherein,
parties come up with false allegations of cybersquatting against rightful owners
through legal actions, as a result of which, such rightful owners end up
transferring their rights to the fraudulent claimants for the sake of avoiding
legal costs. Cases of reverse domain name hijacking hence has been seen to
happen majorly against small entities or individual owners of trademark who
often lack the financial strength to take up expenses involved in litigation.

14
 Insert Image

• Software Piracy and Intellectual Property Rights

Protection
• Software piracy is the unauthorised copying, distribution, or use
of copyrighted software without the proper permission or license
from the software’s creator or publisher.
• This can include activities such as
• making multiple copies of a single software license,
• distributing software without a valid license,
• downloading pirated versions from the internet, or
• using a single licensed copy on multiple computers without the
appropriate multi-user license.

15
 Insert Image

• Understanding the Indian Copyright Act of 1957

• In India, the Copyright Act of 1957 provides a legal framework to address
software piracy, encompassing both civil and criminal laws.
• Those found guilty of software copyright infringement can face a sentence
ranging from a minimum of seven days to a maximum of three years.
• Additionally, monetary penalties can vary between 50,000 rupees and 200,000
rupees. In certain piracy scenarios, provisions from the Information Technology
Act of 2000 may also be applicable.
• The Indian Copyright Act, 1957, under Section 13 (1) (a), extends
protection to various original creations, treating computer programs as unique
literary works.
• Section 51 (a) (ii) of the Act specifies that using a location to communicate
copyrighted software or other works to the public for profit constitutes
copyright infringement.
• The term “communication to the public” is defined in Sec. 2(ff) of the Act as the
act of listening to, enjoying, or viewing copyrighted content. However, the Act
doesn’t
16 explicitly address the liabilities of Internet Service Providers, unlike
some other countries.
 Insert Image

• Information Technology Act, 2000: A Closer Look

• The Information Technology Act of 2000 serves as a significant tool against the
rampant infringement of copyrighted software. Section 2(w) of the Act
encompasses all Internet service providers and other intermediaries.
• This includes entities like cybercafés, auction sites, online payment platforms,
search engines, and more, which receive, store, and provide records on behalf
of another individual.
• However, the Act doesn’t clearly define the extent or amount of liability that
can be imposed on these service providers.
• They can be exempted from certain sections if they can demonstrate a lack of
knowledge about the offense or if they’ve taken reasonable measures to
prevent such offenses.

17
 Insert Image

• The Act categorises the services provided by Internet Service Providers into three
types: transmission of third-party information, links hosted by the providers, and
storage of third-party data.
• This legislation essentially offers a protective shield for search engines and Internet
Service Providers, allowing them to distance themselves from third-party content.
• This, in turn, absolves them from the responsibility of implementing stringent measures
to curb piracy. However, the Act falls short when it comes to addressing situations
where a service provider is alerted about the use of pirated content on their platform.
• To claim exemption, providers must prove that they neither initiated, received, nor
altered any transmission of the work.
• The Ministry of Communication and Information Technology has introduced mandatory
guidelines outlining the due diligence required by intermediaries during the
transmission of work.
• These guidelines, which subscribers must also adhere to, are outlined under Section 79
of the Act, 2000.
• Rule 3(4) of the Act stands out as a beneficial provision for copyright owners.
• It mandates the removal of pirated content from services once identified and
communicated to the respective service provider. Failure to comply can lead to legal
action against the service provider.
18
 Insert Image

JUDICIAL STANCE

• For instance, in the 2006 Microsoft case (Microsoft Corporation v. Deepak Raval ),
the Delhi High Court recognised the defendant’s infringement of copyrighted products
like Microsoft Office 2000 and Microsoft Office 9.
• The court emphasised the pressing need to combat piracy, given the escalating
instances of copyright violations, and consequently ordered the defendant to pay
significant damages to Microsoft.
• In the renowned case of Super Cassettes Industries v. Yahoo Inc., the plaintiff
argued that Yahoo had violated their copyrighted content via its portal.
• The court responded by issuing an injunction, preventing Yahoo from reproducing and
transmitting the plaintiff’s copyrighted material on its platform.
• Another case, Microsoft Corporation v. Mr. Kiran and Anr., saw the court
highlighting the growing threat of software piracy in India and the urgent need for
robust laws to deter such infringements.
19
 Insert Image

• In Syed Asifuddin and ors v The State of Andhra Pradesh & Anr , the
Tata indicom employees were arrested on charges of hacking a computer
source code under Section 65 of the IT Act,2000 for altering the electronic 32
bit number (ESN) programmed into cellphones that were to be exclusively
used only on Reliance infocomm’s service network. The court observed that
such tampering of code is punishable offence under Section 65 of IT Act.
The court observed that in view of Section 2(o) & (ffc) section 13 and 14 of
Copyright Act computer programme is a literary work protected by
copyright and as per Section 63 (copyright act) any infringement of
computer programme is punishable. However , the court observed that this
issue will be decided by the trial court after evidence is led before trial court.

20
 Insert Image

INFORMATION TECHNOLOGY ACT, 2000

• The Information Technology Act, 2000 also Known as an IT Act is an act proposed by the
Indian Parliament reported on 17th October 2000. This Information Technology Act is based
on the United Nations Model law on Electronic Commerce 1996 (UNCITRAL Model) which
was suggested by the General Assembly of United Nations by a resolution dated on 30th
January, 1997. It is the most important law in India dealing with Cybercrime and E-
Commerce.
• The main objective of this act is to carry lawful and trustworthy electronic, digital and online
transactions and alleviate or reduce cybercrimes. The IT Act has 13 chapters and 94 sections.
The last four sections that starts from ‘section 91 – section 94’, deals with the revisions to the
Indian Penal Code 1860.
• The IT Act, 2000 has two schedules:
• First Schedule –
Deals with documents to which the Act shall not apply.
• Second Schedule –
Deals with electronic signature or electronic authentication method. offences and the punishments in IT Act
2000 :
The offences and the punishments that falls under the IT Act, 2000 are as follows :-
21
 Insert Image

• Chapter 1 deals with the applicability of the Act and definitions of various
terminologies used in the Act.
• Chapter 2 talks about digital and electronic signatures.
• Electronic governance and electronic records are given under Chapters 3 and 4
respectively.
• Chapter 5 is related to the security of these records and Chapter 6 deals with
regulations of certifying authorities.
• Chapter 7 further gives the certificates needed to issue an electronic signature.
• Chapter 8 gives the duties of subscribers and Chapter 9 describes various
penalties.
• Chapter 10 provides sections related to the Appellate Tribunal.
• Chapter 11 describes various offences related to breach of data and their
punishments.
• Chapter 12 provides the circumstances where the intermediaries are not liable for
any offence or breach of data privacy.
• The final chapter, i.e., Chapter 13 is the miscellaneous chapter.
22
 Insert Image

Electronic Signature and Digital Signature

• An electronic signature is simply a legally valid electronic replacement of a

handwritten signature. Digital signatures carry a user's information along with
electronic signatures. Electronic signatures do not contain any authentication
attached to them. A digital signature secures a document.
• A digital signature secures a document. An electronic signature verifies the
document. Digital signatures are validated by licensed certifying authorities
such as eMudhra. Electronic signatures are not validated by licensed certifying
authorities.
• An example of an electronic signature is when you digitally sign a document by
typing your name in a designated signature field. Another example of an
electronic signature is a scanned image of your handwritten signature that you
insert into a document.

23
 Insert Image

24
 Insert Image

In public key encryption, a public key and a private key are

generated for an application. The data encrypted with the public
key can be decrypted only with corresponding private key. Only
the owner can access the private key to decrypt messages that
are encrypted with the corresponding public key.
The terms public key and private key are frequently used in the
field of encryption and decryption. They play a significant role in
securing sensitive information and critical data.
A private key is a tool that allows a user to both encrypt and
decrypt data. Shared between the sender and receiver of
encrypted information, this key is also known as a symmetric key
because it is common to both parties.
A public key, on the other hand, is used to encrypt data, while
the private key is used for decryption. Simply put, a user can
encrypt data using a single (public) key, and then the receiver
uses a private key to decrypt the ciphertext and read the
message. This is also referred to as asymmetric cryptography.
Ex: Bob wants to send Alice an encrypted email. To do this, Bob
takes Alice's public key and encrypts his message to her. Then,
when Alice receives the message, she takes the private key that
is known
25 only to her in order to decrypt the message from Bob.
 Insert Image

• What Is a Certificate Authority (CA)?

• A certificate authority (CA), also sometimes referred to as a certification
authority, is a company or organization that acts to validate the identities of
entities (such as websites, email addresses, companies, or individual persons)
and bind them to cryptographic keys through the issuance of electronic
documents known as digital certificates.
• Certifying Authority means a person who has been granted a license to issue an
Electronic Signature Certificate under section 24. The IT Act provides for the
Controller of Certifying Authorities (CCA) to license and regulate the working of
Certifying Authorities.
• XtraTrust DigiSign Private Limited.
• eMudhra Limited.
• Capricorn Identity Services Private Limited.
26
 Insert Image

• Types of E-commerce
• E-commerce/e-business may be classified at large in the following six basic types:
• Business to Business (B2B)
• Refers to all electronic transactions of goods and sales that are conducted between two
companies, generally between the producers and wholesalers. The famous website acting
as a catalyst between such wholesalers and producers maybe India-mart.
• Business to Consumer (B2C)
• Various predominant e-commerce persisting in India wherein the customer gets a big
market to purchase goods and services. Here, the E-commerce website serves as a
platform for the sale of the goods directly to the end-consumer of the products. For
instance Flipkart, Amazon, Myntra etc.
• Consumer to Consumer (C2C)
• Generally this model uses the online platform of money and various social media for its
existence. The widespread known phenomenon of “OLX pe Bech de!” can be the best
example to understand E-Commerce at the consumer to consumer-level basis. Example:
eBay is one global example of this kind of e-commerce.
27
 Insert Image

• Consumer to Business (C2B)

• When the Customer provides goods or services in exchange for money. For Ex. A
customer review or the advertisement of a company by an influencer amongst
his followers etc.
• Business to Administration (B2A)
• This e-commerce category refers to the services and products offered by the
companies to the Public Administration. For Instance: the small company
providing IT support to the local administrative body
• Consumer to Administration (C2A)
• This heading includes all the transaction whereby there is a payment made
electronically towards the public administration such as taxes, health
appointment.

28
 Insert Image

Electronic Contract
• refers to a contract that takes place through e-commerce, often without the
parties meeting each other. It refers to commercial transactions conducted and
concluded electronically.
• A customer drawing money from an ATM machine is an example of electronic
contract. Another instance of e-contract is when a person orders some product
from an online shopping website.
• Globalization and diffusion of technology has accelerated the presence of e-
commerce companies throughout the world. Online auctions are also gaining
popularity whereby buying and selling takes place through bidding using the
Internet.

29
 Insert Image

• A browse wrap agreement is intended to be binding on the contracting party by the

use of the website. Such contracts are usually used by websites wherein the continued
use of a website by a user is deemed to be acceptance of its revised terms of use and
other policies.
• A shrink wrap contract is a license agreement where the terms and conditions of the
contract are enforced upon the consumer as soon as he opens the package. Such
contracts can be generally observed in the case of buying of software products. The
license agreement indemnifies the user for any copyright or intellectual property rights
violation of the manufacturer as soon as the buyer opens the pack (containing the
software product).
• Click wrap or click through agreements require the user to manifest his consent or
assent to the terms and conditions governing the licensed usage of the software by
clicking "ok" or "I agree" button on the dialog box. A user may choose to disagree or
reject the terms by clicking cancel or closing the window. Such a user will not be able to
buy or use the service upon rejection. One regularly comes across such a type of
contract during online transactions, while downloading software or creating an e-mail
account. Unlike the shrink wrap agreements where the terms of the agreement are
hidden inside the box, in case of click wrap agreements, all the terms and conditions are
accessible prior to acceptance, either in the same window or through a hyperlink.

30
 Insert Image

OFFENCES

 Section 65-Section 71

31
 Insert Image

• Circumstances where intermediaries are not held liable

• Section 2(1)(w) of the Act defines the term ‘intermediary’ as one who receives, transmits, or
stores data or information of people on behalf of someone else and provides services like
telecom, search engines and internet services, online payment, etc. Usually, when the data
stored by such intermediaries is misused, they are held liable. But the Act provides certain
instances where they cannot be held liable under Section 79. These are:
• In the case of third-party information or communication, intermediaries will not be held
liable.
• If the only function of the intermediary was to provide access to a communication system
and nothing else, then also they are not held liable for any offence.
• If the intermediary does not initiate such transmissions or select the receiver or modify any
information in any transmission, it cannot be made liable.
• The intermediary does its work with care and due diligence.
• However, the section has the following exemptions where intermediaries cannot be
exempted from the liability:
• It is involved in any unlawful act either by abetting, inducing or by threats or promises.
• It has not removed any such data or disabled access that is used for the commission of
unlawful acts as notified by the Central Government.
32
 Insert Image

CYBER CRIMES

• Hacking: The Most common and popular type of cyber crime that we might
have heard since our childhood. Hacking is the most prevalent cyber crime in
almost every part of the World, were technology is being rapidly used by the
Human Race. It’s the un-authorized access and use of the victim’s computer by
a Hacker to take all the sensitive information like data and images from the
target device, who is a learnt person in Cyber Programming. The hacker mis-
uses the information being obtained by him via the un-authorized access
against the Victim, in order to blackmail or defame him.
• Cyber Stalking: The most common cyber crime these days, stalking simply
means constantly following any person, usually females and threatening or
messaging them repeatedly even after their objection on the same. Cyber
Stalking is punishable u/s.66-A, 67 of Information and Technology Act, 2000
and Section 354-D of IPC, 1860

33
 Insert Image

• Cyber Defamation: Publication or posting any material on social media or other

online platforms against a respected citizen of the Country which lowers his
integrity and image in the eyes of others, without any evidence with a malafide
intension is a Crime in India, which along with the I.T. Act, 2000 is also punishable
under Section 499 and Section 500 of Indian Penal Code, 1860.
• Banking Fraud: The Banking Fraud is on its peak these, especially in the admist of
nation-wide lockdown due to Covid-19. The fraudsters impersonates as
representatives of bank, and extorts the crucial and sensitive information like CVV
Number, OTP, etc. from the innocent customers by fraudulently deceiving them
and making false stories, resulting into credit card and banking fraud. Even some
fraudsters installs the skimmer in the ATM Machines, which clones the credit or
debit card of the customers, ultimately causing financial losses to them
• Cyber Terrorism: This is the most grave and serious type of cyber crime prevailing
in India. In this, tools are used to interrupt in National Infrastructure and Defense by
shutting down the energy, transportation and communication facilities. In simple
words the Government Websites are being hacked by the criminals and is mis-used
in order to damage the Defense and Infrastructure of that particular nation. Ex-
Online Threatening Emails to various Government Officials or Ministers, Bomb
threats, etc
34
 Insert Image

• Phishing: Phishing attacks are fraudulent emails, text messages, phone calls
or web sites designed to manipulate people into downloading malware, sharing
sensitive information (e.g., Social Security and credit card numbers, bank
account numbers, login credentials), or taking other actions that expose
themselves or their organizations to cybercrime.
• Successful phishing attacks often lead to identity theft, credit card fraud,
ransomware attacks, data breaches, and huge financial losses for individuals
and corporations.
• Identity theft: Any digital identity theft definition includes a malicious actor
that illegally acquires personal information (date of birth, social security
number, credit card details etc.) and uses it for identity fraud (cloning credit
cards, applying for loans, extorting the victim etc.).
• Online, identity theft works largely as it does offline, with a remarkable
difference. The massive volume of information attackers can find about you on
the Internet and its level of detail makes their “job” much easier and
significantly more lucrative.

35
 Insert Image

• Telecommunication Act 2023

• India's bustling telecommunications landscape has undergone a seismic shift with the
arrival of the Telecom Act 2023. Replacing the antiquated Telegraph Act of 1885, this new
legislation promises a modern framework for regulating the sector.
• The preamble of the Act: amend and consolidate the law relating to development,
expansion and operation of telecommunication services and telecommunication
networks; assignment of spectrum.
• Spectrum refers to the invisible radio frequencies that wireless signals travel over.
• telecommunication service’ – which is a term broad enough to
cover any telecommunication service that entails transmission, emission, or reception of
messages by wire, radio, optical or other electro-magnetic systems,

• Telecommunications is the electronic exchange of any type of data over a variety of

information transmitting technologies and systems.
• The Act prioritizes user protection but also extends powers to the government to
intercept communications.
• The government under the act can take control of telecommunication networks in certain
situations.
36
 Insert Image

• The DPDP Act applies to Indian residents and businesses collecting the data of
Indian residents. Interestingly, it also applies to non-citizens living in India
whose data processing “in connection with any activity related to offering of
goods or services” happens outside India.This has implications for, say, a U.S.
citizen residing in India being provided digital goods or services within India by
a provider based outside India.
• The 2023 act allows personal data to be processed for any lawful
purpose.14 The entity processing data can do so either by taking the concerned
individual’s consent or for “legitimate uses,” a term that has been explained in
the law.
• Consent must be “free, specific, informed, unconditional and unambiguous
with a clear affirmative action” and for a specific purpose. The data collected
has to be limited to that necessary for the specified purpose.
• A clear notice containing these details has to be provided to consumers,
including the rights of the concerned individual and the grievance redress
mechanism. Individuals have the right to withdraw consent if consent is the
ground on which data is being processed.
37
 Insert Image

• Legitimate uses are defined as: (a) a situation where an individual has
voluntarily provided personal data for a specified purpose;
• (b) the provisioning of any subsidy, benefit, service, license, certificate, or
permit by any agency or department of the Indian state, if the individual has
previously consented to receiving any other such service from the state (this
is a potential issue since it enables different government agencies providing
these services to access personal data stored with other agencies of the
government);
• (c) sovereignty or security;
• (d) fulfilling a legal obligation to disclose information to the state;
• (e) compliance with judgments, decrees, or orders;
• (f) medical emergency or threat to life or epidemics or threat to public health;
and
• (g) disaster or breakdown of public order.16

38
 Insert Image

• Exemptions From Obligations Under the Law

• The law provides exemptions from consent and notice requirements as well as
most obligations of data fiduciaries and related requirements in certain cases:
• (a) where processing is necessary for enforcing any legal right or claim;
• (b) personal data has to be processed by courts or tribunals, or for the
prevention, detection, investigation, or prosecution of any offenses;
• (c) where the personal data of non-Indian residents is being processed within
India; and so on.
• One problematic provision allows the government to, “before expiry of five
years from the date of commencement of this Act,” declare that any provision
of this law shall not apply to such data fiduciary or classes of data fiduciaries for
such period as may be specified in the notification.
• This is a significant and wide discretionary power and is not circumscribed by
any guidance on the basis for such exemption, the categories that may be
exempted, and the time period for which such exemptions can operate.

39
 Insert Image

A&M RECORDS, INC. V. NAPSTER, INC.

• Napster was an online platform used to download and access compressed digital music files in MP3
formats, making it one of the most popular peer-to-peer services in 1999. It was created by Shawn
Fanning, an 18-year-old freshman in computer science at Northwestern University.
• Napster consisted of a central service that indexed its users and the files available on their machines,
thus creating a list of music files that are available on Napster’s network. Napster gained immense
popularity due to the fact that it was one of the most accessible services to use.
• In 2001, several record companies such as Sony Music Entertainment, Atlantic Records, MCA
Records, Island Records, Motown Records, Capitol Records, and BMG Music collectively filed a
lawsuit against Napster.
• The lawsuit, A&M Records, Inc. v. Napster Inc., was an Intellectual Property case that was
adjudicated by the United States Court of Appeals for the Ninth Circuit (upon affirming the ruling of
the United States District Court for the Northern District of California). The Court held that the
defendant (Napster) was held liable for contributory infringement and vicarious infringement of the
plaintiff’s copyrights. The Napster case gained immense popularity since it explored the intersection
of copyright laws and peer-to-peer file sharing systems
40
 Lorem ipsum dolor sit amet, consectetuer
adipiscing elit. Maecenas porttitor congue
“QUOTE” massa. Fusce posuere, magna sed pulvinar
ultricies, purus lectus malesuada libero, sit
PIE CHART

Lorem ipsum dolor sit

amet, consectetuer
adipiscing elit.
Maecenas porttitor
congue massa. Fusce
posuere, magna sed
pulvinar ultricies, purus
lectus malesuada
libero, sit amet
commodo magna eros
1st Qtr 2nd Qtr 3rd Qtr 4th Qtr
quis urna.

42
43