IPR IN CYBERSPACE

UNIT-III

Nithin Rajeev, Assistant Professor, IFIM Law School

 Insert Image

EVOLUTION OF IP IN CYBERSPACDE

• With the mass increase in the use of cyber space, availability of content (electronic form) across
digital platforms increased by many folds; innovation gave rise to the creation of original and
novel content, and intellectual property was disseminated overcoming all geographical
boundaries.
• Cyberspace being a tool of access to data and resources, it expanded human reaches towards
global information. As a result, there developed an undeniable relationship between cyberspace
and IP.
• However, while on one hand, content of various kind including elements of copyright, trademark
and patent became easily available to one and all across digital platforms, on the other, there
arose instances of violation of intellectual property owing to theft of such content which in turn
resulted in complications of piracy and infringement of the rights accruing from such intellectual
properties.

2
 Insert Image

• Consequently, the necessity of protecting digital content was acknowledged, and accordingly,
the legal framework of Cyber Law was established to address all concerns of misuse and
misappropriation of intellectual property on cyberspace.
• Intellectual property is fundamentally associated with territoriality, while cyberspace cannot be
restricted within territorial boundaries. As a result of intellectual property being available on
cyberspace, the inherent nature of intellectual property underwent an evolution, thereby giving
rise to newer interpretations of both cyberspace and intellectual properties.

3
 Insert Image

COPYRIGHT IN CYBERSPACE
• Cyberspace provides to copyright law a platform to promote and channelize its objectives and
purposes, the most significant of which is to provide to the society access to knowledge for
establishing overall societal advancement.
• The intrinsic philosophy of copyright law is aimed at fostering creativity and innovation which the
copyright owner and/or holder may subject to commercial exploitation; and cyberspace served as
the perfect medium for fulfilling such purposes.
• Not only does the internet eliminate all distinction between private and public use, but it also
creates complications towards the interpretation of use of copyrighted materials thereby diluting the
grounds of copyright infringement.
• The fundamentals of the copyright law state that infringement shall be deemed to have occurred if
the exclusive rights of the copyright owner are exercised without express authorization of the owner
or right-holder. Since the copyright law validates the use and/or reproduction of copyrighted
material for personal/private use, it is essential to understand whether copyrighted content has been
subjected to private use or not for determining the occurrence of infringement
4
 Insert Image

• Copyright compliance in cyberspace is hampered by the use of computers, the internet, and
streaming, copying, copy-cutpaste, deep linking, and peer-to-peer file sharing.
• The Indian Copyright Act, which was first enacted in 1957. The Act hasbeen amended five times
since its enactment i.e., in 1983, 1984, 1992, 1994, 1999 and 2012.
• The Copyright (Amendment) Act, 2012 is the most substantial and in alignment with digital
transformation in general ad internet in particular. The Copyright Act is now considered a piece of
law, and the general outlook is that the revised Act will be able to withstand copyright problems
arising from emerging technology, particularly those arising from the Internet.
• The Act has adapted to the modern age by dropping some limiting clauses and phrases and
extending the meanings of works like cinematograph films (motion pictures) and sound recordings
(phonograms) to allow certain works in “any format” within their purview. It does not, however,
cover all facets of the digital problems that are now surfacing.
• The great majority of user-generated material on social networking platforms is classified as one of
four types of works: (1) texts, (2) images, (3) music recordings, or (4) videos.

5
 Insert Image

FAIR USE IN CYBERSPACE

• There are four non-exclusive factors for courts to consider in determining whether any particular
use is a fair use and thus not an infringement of copyright. The four factors are:
• 1. the purpose and character of the use, including whether such use is of a commercial nature or is
for non-profit educational purposes;
• 2. the nature of the copyrighted work;
• 3. the amount and substantiality of the portion used in relation to the copyrighted work as a whole;
and
• 4. the effect of the use upon the potential market for or value of the copyrighted work
• In the case of influencers, the line between commercial and non-commercial is difficult to draw
because some may be able to demonstrate that their content is for genuine criticism or review,
whereas in other cases, there may be a promotion of another product or brand alongside the
criticism of the copyright owner's brand, which then becomes a commercial activity
6
 Insert Image

• Kelly v Arriba Soft Corp the plaintiff, Leslie Kelly, a professional photographer who had
copyrighted many of his images of the American West. Some of these images were located on
Kelly’s website or other websites with which Kelly had license agreement.
• The defendant, Arriba Soft Corp. operated an Internet search engine that displayed its results in the
form of small pictures rather than the more usual form of text.
• Arriba obtained its database of pictures by copying images from other websites. By clicking on one
of these small pictures, called ‘thumbnails’, the user could view a large version of that same picture
within the context of the Arriba web page.
• The circuit court held that “the creation and the use of the thumbnails in the search engine is a fair
use, but the display of the larger image is a violation of Kelly’s exclusive right to publicly display
his works.

7
 Insert Image

TRADEMARK AND CYBERSPACE

• Evolution of cyberspace has given rise to ample scope of misuse of such trademarks by unauthorized
parties which in turn has resulted in misleading consumers and violating the rights of the original
trademarks.
• Domain names have become a kind of ‘e-commerce marks’ in the online medium. These are digital
business addresses – a point of business contact or transaction. Domain names provide a system of
easy-to-remember Internet addresses, which can be translated by the Domain Name System (DNS)
into the numeric addresses (Internet Protocol (IP) numbers) used by the network.
• The inter-relationship between trademarks and cyberspace was developed in exclusive association
with the concept of domain names. In simple words, domain names represent the IP address used in
surfing the world wide web. It is owing to use of domain names on cyberspace that the strictly
territorial nature of trademarks has now broadened to become global.

8
 Insert Image

9
 Insert Image

• While on one hand such domain names may refer to internet based digital platforms associated
with certain goods and/or services and in turn substantiate the commercial prospects of online
businesses, on the other, they would be indicative of the identity, goodwill and quality
complimenting such goods and/or services.
• Evidently, misappropriation of domain names could not only cause immense damage to the
business of infringed chain of goods/services, they could completely destroy the goodwill
associated with such brands which may have taken ages to build
• Additionally, domain name registrations being done on a ‘first come first served’ basis, there are
various instances of fraudulent registration of domain names whereby the party registering, in spite
of having no legitimate interest in the brand, deliberately infringed the rights of the original
trademark owners to acquire registration in an unauthorized manner.
• Infringement of trademarks through abuse of domain names on cyberspace is hence a very serious
concern for flourishing trades and businesses

10
 Insert Image

CYBERSQUATTING
• Cybersquatting, which literally means ‘sitting on another person’s property’, may be described as
instances of fraudulent use and misappropriation of domain names which involve exploitation of
online identities of brands that result in violation of rights of the original right-owners.
• Cybersquatting often give rise to situations wherein parties who have no legitimate rights in certain
trademarks get domain names registered in their names and subsequently sell those to the original
owner or other parties at exorbitant prices It may be done inter alia with the intent of preventing the
original owner of brands from having access to such domain names, diverting the traffic off the
cyberspace associated with the websites of competing brands, and selling such domain names to
earn profits.

11
 Insert Image

• In India, there is no statutory provision to prevent cybersquatting; however, certain provisions of

the Trademarks Act, 1999 are broad enough to address such issues. Cybersquatting can be protected
within the legal framework of ‘passing off’ which emerges from common law principle.
• Consequently, any person lodging a complaint against cybersquatting necessarily involves the
mandate of establishing the following –
• a) Dishonest intention of the fraudulent party
• b) Absence of legitimate rights being held by the fraudulent party
• c) Similarity between the domain name fraudulently registered and the trademark owned by the
authentic right-holder
• The first Indian case that extensively discussed issues of domain name disputes visà-vis
cybersquatting was Yahoo Inc. v Akash Arora (78(1999) DLT 285),wherein, the defendant
contended having used a common dictionary word and having provided a disclaimer in the website
with the intention to avoid confusion being created with the plaintiff’s website which was registered
in more than 69 countries. However, the court held that despite such disclaimers, there would be
necessary associations made with the original website of yahoo which was based in a well known
and distinct trademark.
12
 Insert Image

• Subsequently, in the case of Tata Sons Ltd. &Anr.v. ArnoPalmen&Anr, the Delhi High Court
dealt with a landmark case on domain name disputes and cybersquatting.
• The plaintiffs sought permanent injunctions against the defendant’s use of the domain name
‘www.tatainfotech.in’ or such domain names deceptively similar to the plaintiff’s registered
trademark which, they alleged, had been registered only with the intention of earning illegal gains
by commercially exploiting the same.
• The defendant however, argued that ‘Tata Infotech’ had been their trade name since 1997, and
claimed to have earned a goodwill in the trade owing to a flourishing business.
• The court held that similarity in domain names could indeed result in diversion of traffic across
websites, and could even cause economic loss to the registered right-holders of the original
trademark owing to the outreach of e-commerce and cyberspace.
• It was hence held that the impugned website had been registered with mala fide intentions in bad
faith with the sole objective of acquiring advantage from exploitation of the plaintiff’s registered
trademark.

13
 Insert Image

• There are also instances called ‘Reverse Domain Name Hijacking’, wherein, parties come up with
false allegations of cybersquatting against rightful owners through legal actions, as a result of
which, such rightful owners end up transferring their rights to the fraudulent claimants for the sake
of avoiding legal costs. Cases of reverse domain name hijacking hence has been seen to happen
majorly against small entities or individual owners of trademark who often lack the financial
strength to take up expenses involved in litigation.

14
 Insert Image

• Software Piracy and Intellectual Property Rights Protection

• Software piracy is the unauthorised copying, distribution, or use of copyrighted
software without the proper permission or license from the software’s creator or
publisher.
• This can include activities such as
• making multiple copies of a single software license,
• distributing software without a valid license,
• downloading pirated versions from the internet, or
• using a single licensed copy on multiple computers without the appropriate multi-
user license.

15
 Insert Image

• Understanding the Indian Copyright Act of 1957

• In India, the Copyright Act of 1957 provides a legal framework to address software piracy,
encompassing both civil and criminal laws.
• Those found guilty of software copyright infringement can face a sentence ranging from a
minimum of seven days to a maximum of three years.
• Additionally, monetary penalties can vary between 50,000 rupees and 200,000 rupees. In certain
piracy scenarios, provisions from the Information Technology Act of 2000 may also be applicable.
• The Indian Copyright Act, 1957, under Section 13 (1) (a), extends protection to various original
creations, treating computer programs as unique literary works.
• Section 51 (a) (ii) of the Act specifies that using a location to communicate copyrighted software
or other works to the public for profit constitutes copyright infringement.
• The term “communication to the public” is defined in Sec. 2(ff) of the Act as the act of listening to,
enjoying, or viewing copyrighted content. However, the Act doesn’t explicitly address the liabilities
of Internet Service Providers, unlike some other countries.

16
 Insert Image

• Information Technology Act, 2000: A Closer Look

• The Information Technology Act of 2000 serves as a significant tool against the rampant
infringement of copyrighted software. Section 2(w) of the Act encompasses all Internet service
providers and other intermediaries.
• This includes entities like cybercafés, auction sites, online payment platforms, search engines, and
more, which receive, store, and provide records on behalf of another individual.
• However, the Act doesn’t clearly define the extent or amount of liability that can be imposed on
these service providers.
• They can be exempted from certain sections if they can demonstrate a lack of knowledge about the
offense or if they’ve taken reasonable measures to prevent such offenses.

17
 Insert Image

• The Act categorises the services provided by Internet Service Providers into three types:
transmission of third-party information, links hosted by the providers, and storage of third-party
data.
• This legislation essentially offers a protective shield for search engines and Internet Service
Providers, allowing them to distance themselves from third-party content.
• This, in turn, absolves them from the responsibility of implementing stringent measures to curb
piracy. However, the Act falls short when it comes to addressing situations where a service provider
is alerted about the use of pirated content on their platform.
• To claim exemption, providers must prove that they neither initiated, received, nor altered any
transmission of the work.
• The Ministry of Communication and Information Technology has introduced mandatory guidelines
outlining the due diligence required by intermediaries during the transmission of work.
• These guidelines, which subscribers must also adhere to, are outlined under Section 79 of the Act,
2000.
• Rule 3(4) of the Act stands out as a beneficial provision for copyright owners.
• It mandates the removal of pirated content from services once identified and communicated to the
respective service provider. Failure to comply can lead to legal action against the service provider.
18
 Insert Image

JUDICIAL STANCE

• For instance, in the 2006 Microsoft case (Microsoft Corporation v. Deepak Raval ), the Delhi High
Court recognised the defendant’s infringement of copyrighted products like Microsoft Office 2000 and
Microsoft Office 9.
• The court emphasised the pressing need to combat piracy, given the escalating instances of copyright
violations, and consequently ordered the defendant to pay significant damages to Microsoft.
• In the renowned case of Super Cassettes Industries v. Yahoo Inc., the plaintiff argued that Yahoo had
violated their copyrighted content via its portal.
• The court responded by issuing an injunction, preventing Yahoo from reproducing and transmitting the
plaintiff’s copyrighted material on its platform.
• Another case, Microsoft Corporation v. Mr. Kiran and Anr., saw the court highlighting the growing
threat of software piracy in India and the urgent need for robust laws to deter such infringements.

19
 Insert Image

• In Syed Asifuddin and ors v The State of Andhra Pradesh & Anr , the Tata indicom employees
were arrested on charges of hacking a computer source code under Section 65 of the IT
Act,2000 for altering the electronic 32 bit number (ESN) programmed into cellphones that were
to be exclusively used only on Reliance infocomm’s service network. The court observed that
such tampering of code is punishable offence under Section 65 of IT Act. The court observed
that in view of Section 2(o) & (ffc) section 13 and 14 of Copyright Act computer programme is
a literary work protected by copyright and as per Section 63 (copyright act) any infringement of
computer programme is punishable. However , the court observed that this issue will be
decided by the trial court after evidence is led before trial court.

20
 Insert Image

INFORMATION TECHNOLOGY ACT, 2000

• The Information Technology Act, 2000 also Known as an IT Act is an act proposed by the
Indian Parliament reported on 17th October 2000. This Information Technology Act is
based on the United Nations Model law on Electronic Commerce 1996 (UNCITRAL
Model) which was suggested by the General Assembly of United Nations by a resolution
dated on 30th January, 1997. It is the most important law in India dealing with Cybercrime
and E-Commerce.
• The main objective of this act is to carry lawful and trustworthy electronic, digital and
online transactions and alleviate or reduce cybercrimes. The IT Act has 13 chapters and 94
sections. The last four sections that starts from ‘section 91 – section 94’, deals with the
revisions to the Indian Penal Code 1860.
• The IT Act, 2000 has two schedules:
• First Schedule –
Deals with documents to which the Act shall not apply.
• Second Schedule –
Deals with electronic signature or electronic authentication method. offences and the punishments in IT Act 2000 :
The offences and the punishments that falls under the IT Act, 2000 are as follows :-
21
 Insert Image

• Chapter 1 deals with the applicability of the Act and definitions of various
terminologies used in the Act.
• Chapter 2 talks about digital and electronic signatures.
• Electronic governance and electronic records are given under Chapters 3 and 4
respectively.
• Chapter 5 is related to the security of these records and Chapter 6 deals with
regulations of certifying authorities.
• Chapter 7 further gives the certificates needed to issue an electronic signature.
• Chapter 8 gives the duties of subscribers and Chapter 9 describes various
penalties.
• Chapter 10 provides sections related to the Appellate Tribunal.
• Chapter 11 describes various offences related to breach of data and their
punishments.
• Chapter 12 provides the circumstances where the intermediaries are not liable for
any offence or breach of data privacy.
• The final chapter, i.e., Chapter 13 is the miscellaneous chapter.
22
 Insert Image

Electronic Signature and Digital Signature

• An electronic signature is simply a legally valid electronic replacement of a handwritten signature.

Digital signatures carry a user's information along with electronic signatures. Electronic signatures
do not contain any authentication attached to them. A digital signature secures a document.
• A digital signature secures a document. An electronic signature verifies the document. Digital
signatures are validated by licensed certifying authorities such as eMudhra. Electronic signatures
are not validated by licensed certifying authorities.
• An example of an electronic signature is when you digitally sign a document by typing your name
in a designated signature field. Another example of an electronic signature is a scanned image of
your handwritten signature that you insert into a document.

23
 Insert Image

24
 Insert Image

In public key encryption, a public key and a private key are generated for
an application. The data encrypted with the public key can be decrypted only
with corresponding private key. Only the owner can access the private key to
decrypt messages that are encrypted with the corresponding public key.
The terms public key and private key are frequently used in the field of
encryption and decryption. They play a significant role in securing sensitive
information and critical data.
A private key is a tool that allows a user to both encrypt and decrypt data.
Shared between the sender and receiver of encrypted information, this key is
also known as a symmetric key because it is common to both parties.
A public key, on the other hand, is used to encrypt data, while the private key
is used for decryption. Simply put, a user can encrypt data using a single
(public) key, and then the receiver uses a private key to decrypt the ciphertext
and read the message. This is also referred to as asymmetric cryptography.
Ex: Bob wants to send Alice an encrypted email. To do this, Bob takes Alice's
public key and encrypts his message to her. Then, when Alice receives the
message, she takes the private key that is known only to her in order to
decrypt the message from Bob.
25
 Insert Image

• What Is a Certificate Authority (CA)?

• A certificate authority (CA), also sometimes referred to as a certification authority, is a company or
organization that acts to validate the identities of entities (such as websites, email addresses,
companies, or individual persons) and bind them to cryptographic keys through the issuance of
electronic documents known as digital certificates.
• Certifying Authority means a person who has been granted a license to issue an Electronic
Signature Certificate under section 24. The IT Act provides for the Controller of Certifying
Authorities (CCA) to license and regulate the working of Certifying Authorities.
• XtraTrust DigiSign Private Limited.
• eMudhra Limited.
• Capricorn Identity Services Private Limited.

26
 Insert Image

• Types of E-commerce
• E-commerce/e-business may be classified at large in the following six basic types:
• Business to Business (B2B)
• Refers to all electronic transactions of goods and sales that are conducted between two
companies, generally between the producers and wholesalers. The famous website acting
as a catalyst between such wholesalers and producers maybe India-mart.
• Business to Consumer (B2C)
• Various predominant e-commerce persisting in India wherein the customer gets a big
market to purchase goods and services. Here, the E-commerce website serves as a
platform for the sale of the goods directly to the end-consumer of the products. For
instance Flipkart, Amazon, Myntra etc.
• Consumer to Consumer (C2C)
• Generally this model uses the online platform of money and various social media for its
existence. The widespread known phenomenon of “OLX pe Bech de!” can be the best
example to understand E-Commerce at the consumer to consumer-level basis. Example:
eBay is one global example of this kind of e-commerce.
27
 Insert Image

• Consumer to Business (C2B)

• When the Customer provides goods or services in exchange for money. For Ex.
A customer review or the advertisement of a company by an influencer
amongst his followers etc.
• Business to Administration (B2A)
• This e-commerce category refers to the services and products offered by the
companies to the Public Administration. For Instance: the small company
providing IT support to the local administrative body
• Consumer to Administration (C2A)
• This heading includes all the transaction whereby there is a payment made
electronically towards the public administration such as taxes, health
appointment.

28
 Insert Image

Electronic Contract
• refers to a contract that takes place through e-commerce, often without the parties
meeting each other. It refers to commercial transactions conducted and concluded
electronically.
• A customer drawing money from an ATM machine is an example of electronic
contract. Another instance of e-contract is when a person orders some product from
an online shopping website.
• Globalization and diffusion of technology has accelerated the presence of e-commerce
companies throughout the world. Online auctions are also gaining popularity whereby
buying and selling takes place through bidding using the Internet.

29
 Insert Image

• A browse wrap agreement is intended to be binding on the contracting party by the use of the
website. Such contracts are usually used by websites wherein the continued use of a website by
a user is deemed to be acceptance of its revised terms of use and other policies.
• A shrink wrap contract is a license agreement where the terms and conditions of the contract
are enforced upon the consumer as soon as he opens the package. Such contracts can be
generally observed in the case of buying of software products. The license agreement
indemnifies the user for any copyright or intellectual property rights violation of the
manufacturer as soon as the buyer opens the pack (containing the software product).
• Click wrap or click through agreements require the user to manifest his consent or assent to
the terms and conditions governing the licensed usage of the software by clicking "ok" or "I
agree" button on the dialog box. A user may choose to disagree or reject the terms by clicking
cancel or closing the window. Such a user will not be able to buy or use the service upon
rejection. One regularly comes across such a type of contract during online transactions, while
downloading software or creating an e-mail account. Unlike the shrink wrap agreements where
the terms of the agreement are hidden inside the box, in case of click wrap agreements, all the
terms and conditions are accessible prior to acceptance, either in the same window or through a
hyperlink.

30
 Insert Image

OFFENCES

 Section 65-Section 71

31
 Insert Image

• Circumstances where intermediaries are not held liable

• Section 2(1)(w) of the Act defines the term ‘intermediary’ as one who receives, transmits,
or stores data or information of people on behalf of someone else and provides services like
telecom, search engines and internet services, online payment, etc. Usually, when the data
stored by such intermediaries is misused, they are held liable. But the Act provides certain
instances where they cannot be held liable under Section 79. These are:
• In the case of third-party information or communication, intermediaries will not be held
liable.
• If the only function of the intermediary was to provide access to a communication system
and nothing else, then also they are not held liable for any offence.
• If the intermediary does not initiate such transmissions or select the receiver or modify any
information in any transmission, it cannot be made liable.
• The intermediary does its work with care and due diligence.
• However, the section has the following exemptions where intermediaries cannot be
exempted from the liability:
• It is involved in any unlawful act either by abetting, inducing or by threats or promises.
• It has not removed any such data or disabled access that is used for the commission of
unlawful acts as notified by the Central Government.
32
 Insert Image

CYBER CRIMES

• Hacking: The Most common and popular type of cyber crime that we might
have heard since our childhood. Hacking is the most prevalent cyber crime in
almost every part of the World, were technology is being rapidly used by the
Human Race. It’s the un-authorized access and use of the victim’s computer
by a Hacker to take all the sensitive information like data and images from
the target device, who is a learnt person in Cyber Programming. The hacker
mis-uses the information being obtained by him via the un-authorized access
against the Victim, in order to blackmail or defame him.
• Cyber Stalking: The most common cyber crime these days, stalking simply
means constantly following any person, usually females and threatening or
messaging them repeatedly even after their objection on the same. Cyber
Stalking is punishable u/s.66-A, 67 of Information and Technology Act, 2000
and Section 354-D of IPC, 1860

33
 Insert Image

• Cyber Defamation: Publication or posting any material on social media or other

online platforms against a respected citizen of the Country which lowers his
integrity and image in the eyes of others, without any evidence with a malafide
intension is a Crime in India, which along with the I.T. Act, 2000 is also punishable
under Section 499 and Section 500 of Indian Penal Code, 1860.
• Banking Fraud: The Banking Fraud is on its peak these, especially in the admist
of nation-wide lockdown due to Covid-19. The fraudsters impersonates as
representatives of bank, and extorts the crucial and sensitive information like CVV
Number, OTP, etc. from the innocent customers by fraudulently deceiving them
and making false stories, resulting into credit card and banking fraud. Even some
fraudsters installs the skimmer in the ATM Machines, which clones the credit or
debit card of the customers, ultimately causing financial losses to them
• Cyber Terrorism: This is the most grave and serious type of cyber crime
prevailing in India. In this, tools are used to interrupt in National Infrastructure
and Defense by shutting down the energy, transportation and communication
facilities. In simple words the Government Websites are being hacked by the
criminals and is mis-used in order to damage the Defense and Infrastructure of
that particular nation. Ex- Online Threatening Emails to various Government
Officials or Ministers, Bomb threats, etc
34
 Insert Image

• Phishing: Phishing attacks are fraudulent emails, text messages, phone calls or web sites designed
to manipulate people into downloading malware, sharing sensitive information (e.g., Social Security
and credit card numbers, bank account numbers, login credentials), or taking other actions that
expose themselves or their organizations to cybercrime.
• Successful phishing attacks often lead to identity theft, credit card fraud, ransomware attacks, data
breaches, and huge financial losses for individuals and corporations.
• Identity theft: Any digital identity theft definition includes a malicious actor that illegally acquires
personal information (date of birth, social security number, credit card details etc.) and uses it for
identity fraud (cloning credit cards, applying for loans, extorting the victim etc.).
• Online, identity theft works largely as it does offline, with a remarkable difference. The massive
volume of information attackers can find about you on the Internet and its level of detail makes
their “job” much easier and significantly more lucrative.

35
 Insert Image

• Telecommunication Act 2023

• India's bustling telecommunications landscape has undergone a seismic shift with the arrival of the
Telecom Act 2023. Replacing the antiquated Telegraph Act of 1885, this new legislation promises a
modern framework for regulating the sector.
• The preamble of the Act: amend and consolidate the law relating to development, expansion and
operation of telecommunication services and telecommunication networks; assignment of spectrum.
• Spectrum refers to the invisible radio frequencies that wireless signals travel over.
• telecommunication service’ – which is a term broad enough to cover any telecommunication
service that entails transmission, emission, or reception of messages by wire, radio, optical or other
electro-magnetic systems,

• Telecommunications is the electronic exchange of any type of data over a variety of information
transmitting technologies and systems.
• The Act prioritizes user protection but also extends powers to the government to intercept
communications.
• The government under the act can take control of telecommunication networks in certain situations.
36
 Insert Image

• The DPDP Act applies to Indian residents and businesses collecting the data of Indian residents.
Interestingly, it also applies to non-citizens living in India whose data processing “in connection
with any activity related to offering of goods or services” happens outside India.This has
implications for, say, a U.S. citizen residing in India being provided digital goods or services
within India by a provider based outside India.
• The 2023 act allows personal data to be processed for any lawful purpose. 14 The entity
processing data can do so either by taking the concerned individual’s consent or for “legitimate
uses,” a term that has been explained in the law.
• Consent must be “free, specific, informed, unconditional and unambiguous with a clear
affirmative action” and for a specific purpose. The data collected has to be limited to that
necessary for the specified purpose.
• A clear notice containing these details has to be provided to consumers, including the rights of
the concerned individual and the grievance redress mechanism. Individuals have the right to
withdraw consent if consent is the ground on which data is being processed.

37
 Insert Image

• Legitimate uses are defined as: (a) a situation where an individual has voluntarily provided
personal data for a specified purpose;
• (b) the provisioning of any subsidy, benefit, service, license, certificate, or permit by any agency
or department of the Indian state, if the individual has previously consented to receiving any other
such service from the state (this is a potential issue since it enables different government agencies
providing these services to access personal data stored with other agencies of the government);
• (c) sovereignty or security;
• (d) fulfilling a legal obligation to disclose information to the state;
• (e) compliance with judgments, decrees, or orders;
• (f) medical emergency or threat to life or epidemics or threat to public health; and
• (g) disaster or breakdown of public order.16

38
 Insert Image

• Exemptions From Obligations Under the Law

• The law provides exemptions from consent and notice requirements as well as most obligations of
data fiduciaries and related requirements in certain cases:
• (a) where processing is necessary for enforcing any legal right or claim;
• (b) personal data has to be processed by courts or tribunals, or for the prevention, detection,
investigation, or prosecution of any offenses;
• (c) where the personal data of non-Indian residents is being processed within India; and so on.
• One problematic provision allows the government to, “before expiry of five years from the date of
commencement of this Act,” declare that any provision of this law shall not apply to such data
fiduciary or classes of data fiduciaries for such period as may be specified in the notification.
• This is a significant and wide discretionary power and is not circumscribed by any guidance on the
basis for such exemption, the categories that may be exempted, and the time period for which such
exemptions can operate.

39
 Insert Image

A&M RECORDS, INC. V. NAPSTER, INC.

• Napster was an online platform used to download and access compressed digital music files in MP3
formats, making it one of the most popular peer-to-peer services in 1999. It was created by Shawn
Fanning, an 18-year-old freshman in computer science at Northwestern University.
• Napster consisted of a central service that indexed its users and the files available on their machines,
thus creating a list of music files that are available on Napster’s network. Napster gained immense
popularity due to the fact that it was one of the most accessible services to use.
• In 2001, several record companies such as Sony Music Entertainment, Atlantic Records, MCA
Records, Island Records, Motown Records, Capitol Records, and BMG Music collectively filed a
lawsuit against Napster.
• The lawsuit, A&M Records, Inc. v. Napster Inc., was an Intellectual Property case that was
adjudicated by the United States Court of Appeals for the Ninth Circuit (upon affirming the ruling of
the United States District Court for the Northern District of California). The Court held that the
defendant (Napster) was held liable for contributory infringement and vicarious infringement of the
plaintiff’s copyrights. The Napster case gained immense popularity since it explored the intersection
of copyright laws and peer-to-peer file sharing systems
40
 Lorem ipsum dolor sit amet, consectetuer adipiscing elit.

“QUOTE” Maecenas porttitor congue massa. Fusce posuere, magna

sed pulvinar ultricies, purus lectus malesuada libero, sit
PIE CHART

Lorem ipsum dolor sit amet,

consectetuer adipiscing elit.
Maecenas porttitor congue
massa. Fusce posuere, magna
sed pulvinar ultricies, purus
lectus malesuada libero, sit
amet commodo magna eros
quis urna.

1st Qtr 2nd Qtr 3rd Qtr 4th Qtr

42
43