Cyberspace jurisdiction and Sovereign States

Jurisdiction has always been one critical issue in cyber-offences. Given the fact that the world-wide-web ("www") can be accessed from any where in the world (and thus touches the boundary of each of the countries and their respective jurisdiction), literally any and every offence committed in cyberspace can be called for scrutiny by courts of any or all countries. On the contrary, in as much as the cyberspace is not within the "territorial" limits of a country, it is always open to the accused to argue lack of jurisdiction. However what is critical is the fact that issues to this regard are not limited to these. Rather the peculiarities of the web leave much to the imagination rather than clear thinking. In fact we had pondered over these issues in one of our earlier posts.

Recently we came across a paper on SSRN which does explore this wishful thought of defining an appropriate and more importantly, a definite forum for determination of offences committed in the cyberspace. Submitted before the 12th UN Congress on Crime Prevention and Criminal Justice, Henrik S. Spang Hanssen in the paper titled Cyberspace or Sovereign States presents some interesting thoughts on this issue.


The abstract doesn't say it all when it states that the "paper suggests the international community must decide whether to let all nations exercise 'Global Jurisdiction' without any limitation to the extraterritorial reach/range of national jurisdiction OR still want to be divided into sovereign states in relation to Cyberspace." However it does raise interesting issues facing the countries in as much as they continue to retain and exercise jurisdiction over offences committed in cyberspace. An interesting reading. 

Liability of Intermediaries under the amended Information Technology Act

This week we have an article from relating to the liabilities of intermediaries under the recent amendments carried out in the Information Technology Act by the Parliament. We had earlier written on the decision of an Australian court declaring that Internet Service Providers were not liable for illegal download, being of the view that the ISP could not control the unauthorised acts of the users. The Indian law has been amended to protect the ISP on similar lines, subject to certain conditions. We have this paper from Mr. Pavit Singh Katoch who holds a masters degree in Law and specializes in Intellectual Property and Information Technology laws where he has sought to explain the changes in lucid detail.

Liability of Intermediaries under the amended Information Technology Act

Mr. Pavit Singh Katoch

After its notification in the official gazette, Information Technology Amendment Act, 2008 finally came into force on October 27, 2009. Under the Information Technology Act, 2000 intermediary was defined as any person, who on behalf of another person, receives, stores or transmits that message or provides any service with respect to that message. However, the Information Technology Amendment Act has clarified the definition “Intermediary” by specifically including the telecom services providers, network providers, internet service providers, web-hosting service providers in the definition of intermediaries thereby removing any doubts. Furthermore, search engines, online payment sites, online-auction sites, online market places and cyber cafés are also included in the definition of the intermediary

Section 79 deals with the immunity of the intermediaries. Section 79 of the old Act (IT Act 2000) was vaguely drafted and was considered harsh on the intermediaries. One such example is the case of Baazee.com (now renamed as ebay.in), an auction portal which is owned by the American auction giants Ebay.com. In this case, the CEO of the company was arrested for allowing an auction of a pornographic video clip involving two students on his website. Under the old Act, intermediaries were exempted only to the extent if they proved that they had no knowledge of the infringement or they had exercised all due diligence to prevent such infringement or offence. This kind of approach made websites liable if constructive knowledge was proved or it lacked sufficient measures to prevent such infringement. It is virtually impossible for any website, having medium traffic, to monitor its contents and involves cost implications as well.

This draconian approach led to the amendment of the Information Technology Act 2000. Under the Information Technology Amendment Act, 2008, Section 79 has been modified to the effect that an intermediary shall not be liable for any third party information data or communication link made available or hosted by him. This is however subject to following conditions:

• the function of the intermediary is limited to providing access to a communication system over which information made available by third parties is transmitted or temporarily stored or hosted;
• the intermediary does not initiate the transmission or select the receiver of the transmission and select or modify the information contained in the transmission;
• the intermediary observes due diligence while discharging his duties.

As a result of this provision, social networking sites like Facebook, Twitter, Orkut etc. would be immune from liability as long as they satisfy the conditions provided under the section. Similarly, Internet Service Providers (ISP), blogging sites, etc. would also be exempt from liability.

However, an intermediary would loose the immunity, if the intermediary has conspired or abetted or aided or induced whether by threats or promise or otherwise in the commission of the unlawful act. Sections 79 also introduced the concept of “notice and take down” provision as prevalent in many foreign jurisdictions. It provides that an intermediary would lose its immunity if upon receiving actual knowledge or on being notified that any information, data or communication link residing in or connected to a computer resource controlled by it is being used to commit an unlawful act and it fails to expeditiously remove or disable access to that material.

Even though the intermediaries are given immunity under Section 79, they could still be held liable under Section 72A for disclosure of personal information of any person where such disclosure is without consent and is with intent to cause wrongful loss or wrongful gain or in breach of a lawful contract. The punishment for such disclosure is imprisonment extending upto three years or fine extending to five lakh rupees or both. This provision introduced under IT Amendment Act, 2008, is aimed at protection of privacy and personal information of a person.

The most controversial portion of the IT Amendment Act 2008 is the proviso that has been added to Section 81 which states that the provisions of the Act shall have overriding effect. The proviso states that nothing contained in the Act shall restrict any person from exercising any right conferred under the Copyright Act, 1957 and the Patents Act, 1970. This provision has created a lot of confusion as to the extent of liability provided under section 79.

Section 79 under IT Amendment Act, is purported to be a safe harbor provision modeled on the EU Directive 2000/31. However, Information Technology Amendment Act 2008 left a lot to be desired. Both EU and USA provide specific exclusion to internet service providers under the respective legislations. In order to clarify the issue and put the controversy to rest, Indian legislators need to insert a similar provision proving immunity to ISP in the Copyright Act, 1957.

It is interesting to note that even auction sites, search engines and cyber café s fall within definition of intermediaries. There is no parallel legislation in the world which provides immunity to such a wide range of intermediaries. This can be reason behind addition of proviso to Section 81. Nevertheless, Information Technology Amendment Act 2008 makes a genuine effort to provide immunity to the intermediaries but has failed to achieve its objective due to loose drafting of few provisions. Indian Legislators need to plug in these gaps and provide indispensable immunity to the ISPs to enable them to operate in India without any fear and inhibitions.

{The Author holds a Masters Degree in Law from Queen Mary's College, London and specializes in Intellectual Property and Information Technology Laws. Current the author is associated with a reputed law firm in India. Views expressed herein are his own. The author may be contacted at affable.sonu [@] gmail [dot] com}

Revisting ICANN's role in domain name allocation

Long back we had written in detail over the hows and whys of cyber law, reflecting on the nuances and features of this branch of law. There we had noted, and again reiterate that any discussion on cyber law cannot be complete with a reference to the Internet Corporation for Assigned Names and Numbers or the popularly called ICANN. The role played by ICANN is not only pivotal for the world-wide-web (www) to even begin operations but the regulatory and governing functions of ICANN are also seminal in as far as cyber law is concerned. A recent award rendered by the International Centre for Dispute Resolution (or ICDR) sketches the role of ICANN in this regard in detail and that forms the thrust of this post. 

To begin with, and which is also the most important portion, let us note the historical genesis of the international body as noted in the very first paragraph of the award;

From its beginning in 1965, an exchange over a telephone line between a computer at the Massachusetts Institute of Technology and a computer in California, to the communications colossus that the Internet has become, the Internet has constituted a transformative technology. Its protocols and domain name system standards and software were invented, perfected, and for some 25 years before the formation of the Internet Corporation for Assigned Names and Numbers (ICANN), essentially overseen, by a small group of researchers working under contracts financed by agencies of the Government of the United States of America, most notably by the late Professor Jon Postel of the Information Sciences Institute of the University of Southern California and Dr. Vinton Cerf, founder of the Internet Society. Dr. Cerf, later the distinguished leader of ICANN, played a major role in the early development of the Internet and has continued to do so. European research centers also contributed. From the origin of the Internet domain name system in 1980 until the incorporation of ICANN in 1998, a small community of American computer scientists controlled the management of Internet identifiers. However the utility, reach, influence and exponential growth of the Internet quickly became quintessentially international. In 1998, in recognition of that fact, but at the same time determined to keep that management within the private sector rather than to subject it to the ponderous and politicized processes of international governmental control, the U.S. Department of Commerce, which then contracted on behalf of the U.S. Government with the managers of the Internet, transferred operational responsibility over the protocol and domain names system of the Internet to the newly formed Internet Corporation for Assigned Names and Numbers (“ICANN”).

Thereafter the process of allocation of domain names was described in the decision as thus;

10. The Domain Name System (“DNS”), a hierarchical name system, is at the heart of the Internet. At its summit is the so-called “root”, managed by ICANN, although the U.S. Department of Commerce retains the ultimate capacity of implementing decisions of ICANN to insert new top-level domains into the root. The “root zone file” is the list of top-level domains. Top-level domains (“TLDs”), are identified by readable, comprehensible, “user-friendly” addresses, such as “.com”, “.org”, and “.net”. There are “country-code TLDs” (ccTLDs), two letter codes that identify countries, such as .uk (United Kingdom), .jp (Japan), etc. There are generic TLDs (“gTLDs), which are subdivided into sponsored TLDs (“sTLDs”) and unsponsored TLDs (“gTLDs”). An unsponsored TLD operates under policies established by the global Internet community directly through ICANN, while a sponsored TLD is a specialized TLD that has a sponsor representing the narrower community that is most affected by the TLD. The sponsor is delegated, and carries out, policy-formulation responsibilities over matters concerning the TLD. Thus, under the root, top-level domains are divided into gTLDs such as .com, .net, and .info, and sTLDs such as .aero, .coop, and .museum. And there are ccTLDs, such as .fr (France). Second level domains, under the top-level domains, are legion; e.g., Microsoft.com, dassault.fr. While the global network of computers communicate with one another through a decentralized data routing mechanism, the Internet is centralized in its naming and numbering system. This system matches the unique Internet Protocol address of each computer in the world –- a string of numbers – with a recognizable domain name. Computers around the world can communicate with one another through the Internet because their Internet Protocol addresses uniquely and reliably correlate with domain names.

11. When ICANN was formed in 1998, there were three generic TLDs: .com, .org. and .net. They were complemented by a few limited-use TLDs, .edu, .gov, .mil, and .int. Since its formation, ICANN has endeavored to introduce new TLDs. In 2000, ICANN opened an application process for the introduction of new gTLDs. This initial round was a preliminary effort to test a “proof of concept” in respect of new gTLDs. ICANN received forty-seven applications for both sponsored and unsponsored TLDs.

The dispute related to the change in stand adopted by ICANN in regard to the allocation of a domain name with a suffix .xxx to the claimant ICM. The ICANN had initially held that the application of ICM in this regard met with the eligible criteria but later due to the change in the governmental stands of various countries, specially the United States, had changed its decision to grant the domain name to ICM. The validity of this denial was in challenge before ICDR. Holding in favour of ICM, the award concluded thus;

the provision of Article 4 of ICANN’s Articles of Incorporation prescribing that ICANN “shall operate for the benefit of the Internet community as a whole, carrying out its activities in conformity with relevant principles of international law and applicable international conventions and local law,” requires ICANN to operate in conformity with relevant general principles of law (such as good faith) as well as relevant principles of international law, applicable international conventions, and the law of the State of California.

(since) the Board of ICANN in adopting its resolutions of June 1, 2005, found that the application of ICM Registry for the .XXX sTLD met the required sponsorship criteria (,) the Board’s reconsideration of that finding was not consistent with the application of neutral, objective and fair documented policy. 

Have a look at the decision.

Website alone does not create jurisdiction: High Court

Whether the Court can exercise jurisdiction against a person on the ground that such person maintains a website which can be accessed within the jurisdiction of the court was the issue which faced the Delhi High Court in a recent decision. A suit was filed before the High Court for violation of trademark wherein the High Court noted "that neither the plaintiff nor the Defendants is located within the territorial jurisdiction of this court. The Plaintiff is a company having its registered office at Singapore whereas the Defendants 1 and 2 are at Hyderabad. Defendant no. 1 is the promoter of the Defendant no. 2 company." 

It was argued by the side of the plaintiff that "the Defendants have presence in Delhi through their website which is accessible in Delhi. It [was] further contended that the said website is not a passive website. It not only provides contact information but also seeks feedback and inputs from its customers through an interactive web-page. ... Further, ... the services of the Defendants are being offered to the customers in Delhi also because of the ubiquity, universality and utility of the features of the Internet and the World Wide Web and hence the cause of action has arisen within the jurisdiction of this Court.”

On these, the High Court laid the test as under;

42. This Court holds that jurisdiction of the forum court does not get attracted merely on the basis of interactivity of the website which is accessible in the forum state. The degree of the interactivity apart, the nature of the activity permissible and whether it results in a commercial transaction has to be examined. For the "effects" test to apply, the Plaintiff must necessarily plead and show prima facie that the specific targeting of the forum state by the Defendant resulted in an injury or harm to the Plaintiff within the forum state. For the purposes of a passing off or an infringement action (where the plaintiff is not located within the jurisdiction of the court), the injurious effect on the Plaintiff‟s business, goodwill or reputation within the forum state as a result of the Defendant's website being accessed in the forum state would have to be shown. Naturally therefore, this would require the presence of the Plaintiff in the forum state and not merely the possibility of such presence in the future. Secondly, to show that an injurious effect has been felt by the Plaintiff it would have to be shown that viewers in the forum state were specifically targeted. Therefore the "effects" test would have to be applied in conjunction with the "sliding scale" test to determine if the forum court has jurisdiction to try a suit concerning internet based disputes.

58. We summarise our findings on the questions referred for our opinion as under:

Question (i): For the purposes of a passing off action, or an infringement action where the Plaintiff is not carrying on business within the jurisdiction of a court, in what circumstances can it be said that the hosting of a universally accessible website by the Defendants lends jurisdiction to such Court where such suit is filed (“the forum court”)?

Answer: For the purposes of a passing off action, or an infringement action where the Plaintiff is not carrying on business within the jurisdiction of a court, and in the absence of a long-arm statute, in order to satisfy the forum court that it has jurisdiction to entertain the suit, the Plaintiff would have to show that the Defendant “purposefully availed” itself of the jurisdiction of the forum court. For this it would have to be prima facie shown that the nature of the activity indulged in by the Defendant by the use of the website was with an intention to conclude a commercial transaction with the website user and that the specific targeting of the forum state by the Defendant resulted in an injury or harm to the Plaintiff within the forum state.

Question (ii): In a passing off or infringement action, where the defendant is sought to be sued on the basis that its website is accessible in the forum state, what is the extent of the burden on the Plaintiff to prima facie establish that the forum court has jurisdiction to entertain the suit?

Answer: For the purposes of Section 20 (c) CPC, in order to show that some part of the cause of action has arisen in the forum state by the use of the internet by the Defendant the Plaintiff will have to show prima facie that the said website, whether euphemistically termed as “passive plus” or “interactive”, was specifically targeted at viewers in the forum state for commercial transactions. The Plaintiff would have to plead this and produce material to prima facie show that some commercial transaction using the website was entered into by the Defendant with a user of its website within the forum state resulting in an injury or harm to the Plaintiff within the forum state.

Question (iii): Is it permissible for the Plaintiff to establish such prima facie case through “trap orders” or “trap transactions”?

Answer: The commercial transaction entered into by the Defendant with an internet user located within the jurisdiction of the forum court cannot possibly be a solitary trap transaction since that would not be an instance of “purposeful” availment by the Defendant. It would have to be a real commercial transaction that the Defendant has with someone not set up by the Plaintiff itself. If the only evidence is in the form of a series of trap transactions, they have to be shown as having been obtained using fair means. The Plaintiff seeking to establish jurisdiction on the basis of such trap transactions would have to aver unambiguously in the plaint, and also place along with it supporting material, to prima facie show that the trap transactions relied upon satisfy the above test

The High Court in this process under-took a stock-taking exercise of the decisions in the various courts of law. It  took note of the following decisions as reflective of the legal position abroad on the issue. In regard to the origination of law the High Court took note of the following;


United States

(A) Purposeful availment as a test

(i) International Shoe Co. v. Washington 326 U.S. 340 (1945)

(ii) Burger King Corp v. Rudzewicz 471 U.S. 462 (1985)

(iii) Asahi Metal Industries v. Superior Court 480 U.S. 102 (1987)

(iv) Inset Systems Inc. v. Instruction Set Inc. 937 F.Supp. 161 (D.Conn.1996)

(v) Bensusan Restaurant Corp. v. King, 937 F. Supp.295 (S.D.N.Y. 1996)

(vi) Ballard v. Savage 65 F.3d 1495 (1995)

(vii) CompuServe, Inc. v. Patterson, 89 F.3d 1257(6th Cir. 1996)

(viii) Maritz, Inc. v. CyberGold, Inc., 947 F.Supp. 1328 (E.D.Mo.) (1996)

(ix) Neogen Corp. v. Neo Gen Screening, Inc., 282 F.3d 883, 890 (6th Cir. 2002)

(B) "Zippo" sliding scale test

(i) Zippo Mfg. Co. v. Zippo Dot Com, Inc., 952 F.Supp. 1119 (W.D.Pa.1997)

(ii) Cybersell, Inc. v. Cybersell. Inc. 130 F.3d 414 (1997)

(iii) Uberti v. Leonardo, 181 Ariz. 565

(iv) Desktop Technologies v. Colourworks Reproduction & Designs Inc 1999 WL 98572 (E.D.Pa. 1999)

(v) People Solutions v. People Solutions 2000 WL 1030619 (N.D.Tex., 2000)

(vi) Mink v. AAAA Development 190 F.3d 333 (5th Cir. 1999)

(vii) Winfield Collection v. McCauley 105 F.Supp.2d 746 (E.D.Mich,2000)

(C) The "Effects" test

(i) Louis Feraud Int’l SARL v. Viewfinder Inc 406 F Supp 2d 274 (SDNY 2005)

(ii) Calder v. Jones, 465 U.S. 783 (1984)

(iii) UJEF et LICRA v. Yahoo! Inc. et Yahoo France, Tribunal de Grande Instance de Paris, No RG:00/0538, May 22, 2000 and November 22, 2000

(iv) Remick v. Manfredy, 238 F.3d 248 (2001)

(v) Noonan v. Winston Comp., 135 F.3d 85, 91 (1998)

(vi) Revell v. Lidov, 317 F.3d 467 (5th Cir. 2002)

(vii) Digital Equipment Corp. v. Alta Vista Technology 969 F.Supp 456 (Mass., 1997)

(viii) Nissan Motor Co. v. Nissan Computer Corp.89 F. Supp. 2d 1154 (C.D. Cal.,2000)

(ix) Toys "R" US, v. Step Two, 318 F.3d 446 (2003)

28. To summarise the position in the US, in order to establish the jurisdiction of the forum court, even when a long arm statute exists, the Plaintiff would have to show that the Defendant “purposefully availed” of jurisdiction of the forum state by “specifically targeting” customers within the forum state. A mere hosting of an interactive web-page without any commercial activity being shown as having been conducted within the forum state, would not enable the forum court to assume jurisdiction. Even if one were to apply the „effects‟ test, it would have to be shown that the Defendant specifically directed its activities towards the forum state and intended to produce the injurious effects on the Plaintiff within the forum state.

 Canada 

(i) Morguard Investments Ltd. V. De Savoye, [1990] 3 SCR 1077

(ii) Pro-C Ltd. v. Computer City Inc. (2000) OJ No. 2823 (Ont.Sup.Ct.), 7 CPR (4th) 193

(iii) Patrick Desjean v. Intermix Media Inc. 2006 FC 1395

(iv) Muscutt v. Courcelles (2002) 213 DLR (4th) 577

 United Kingdom

(i) 1-800 Flowers Inc v. Phonenames [2002] FSR 12 CA

 Australia

(i) Dow Jones & Company Inc. v. Gutnick, (2002) HCA 56 (10 December 2002)

 India

(i) Casio India Co. Limited v. Ashita Tele Systems Pvt. Limited 2003 (27) PTC 265 (Del)

(ii) Rediff Communication Ltd. V. Cyber Booth, AIR 2000 Bombay 27

(iii) (India TV) Independent News Service Pvt. Limited v. India Broadcast Live Llc And Ors., 2007 (35) PTC 177 (Del.)

Have a look at the decision.

Arun Jaitley: A tryst with Cyber squatting

"It appears that registering a domain in cyber space in one's name is not easy, as Mr. Arun Jaitley, the Plaintiff recently discovered", notes Delhi High Court in its recent order on the petition of Mr. Jaitley who approached the Court challenging the action of another, for having booked the domain name "www.arunjaitley.com" for itself. 

Though only prima facie (and not conclusively determinative), the observations of the High Court are really intriguing. It noted, 

"The present suit raises very significant questions in the realm of intellectual property law concerning the protection that a person is entitled to, particularly when the person's name had acquired distinctiveness, goodwill and reputation. It also raises an important question whether the right to one's own name is part of the bundle of 'personal' rights enshrined in the right to life under the Article 21 of the Constitution of India, and Article 17 of the International Convenant on Civil and Political Rights. Is a person entitled to protection of such a right and all other rights incidental to and stemming from that right viz., the rights to publicity and to privacy. It appears to this Court that the Plaintiff has more than a stateable prima facie case." "The Plaintiff has prima facie demonstrated, with the help of all several documents, that Defendant No.3 is 'squatting' on his name with the intention of exploiting it for profit. If not injuncted, the domain name www.arunjaitley.com could well be 'purchased' by any person. Such person could then use it for any purpose detrimental to the goodwill and reputation of the Plaintiff. The balance of convenience in restraining the Defendants from transferring, alienating or offering for sale the domain name 'arunjaitley.com' to any third party and from creating any third party interest in the said domain name 'arunjaitley.com' appears to be in favour of the Plaintiff at this stage."

Being of this view, the Court granted an injunction against the defendants from allowing any one to purchase the said domain name. The issue is indeed interesting for there haven't been many cases in India dealing with Cyber-squatting. What is more interesting is the fact that the cases is representing by eminent intellectual property lawyers from both sides. One will have to wait the final outcome of the suit and hope that the law on the issue get a clarity.

Have a look at the full text of the order (becomes relevant from paragraph 13 onwards)

Exploring the nuances of Cyber Law

I – Why and what of cyber law?

Cyber law, or the law dealing with cyber-space, popularly called ‘internet’ or ‘net’, is the buzz word today in law school curriculums and across the generation of old lawyers across the world. Why? Because this is more to do with technology rather than law alone. Imagine a law providing definition of ‘meta tag’, something which any computing geek can tell you. Then the law defining an ISP. Sounds hilarious and then absurd. Why should the law attempt to define these terms when they are well known and understood in the same manner across the globe? Why purpose would be served even if the law were to define the same? The slow and steady moving law can never compete with the level of technology existing at any point of time and the speed with which it grows. So what is the point of making a law, which by the time is come to govern, it is already outdated. These and other oddities of cyber law make it an interesting subject indeed.

Well, it seems there is a purpose. The purpose is ‘regulation’, something which the law exists for. The purpose is to identify the course of events, as they take place on the cyber space, and then provide a mechanism to determine rules affixing responsibilities and liabilities on the participating actors in the transactions. Take for example a simple and every day case of a cyber-café. A goes in Xena Computings and used the café for an hour. In this time, he views Z government’s site and tries to interfere with the site-coding. He is unable to change the things and so he leaves. Now should the government whose site has been fiddled with do something? Let us say that Xena Computings is situated in Z country only but A is of Y country. Can anything be done?

Well here comes the role of cyber law. It firstly defines unacceptable code of conduct on the cyber-space (something like cyber offences) and then prescribes a mechanism or procedure to deal with the situations in which this prescribed code of conduct is breached. So in this case, unless the law of Z provides against or prohibits interference with governmental websites, Z’s government will not be able to do anything, even if A had been successful in hacking the site or otherwise. Now once this is made a cyber offence, what next? The law of Z must provide a mechanism whereby Z government could affix the liability on A or Xena Computings, as the case may be, and allow the law to take its course.

So the law needs to define technical terms like hacking, cracking, ISP, subscriber, etc. and then only any action can be taken. So the premises (or the what) or cyber of law is based upon technology or for comprehensible terms, the cyber space where the why, as we have already noted, is the regulation of cyber space. Thus cyber law comes to occupy a place as a distinct and specialised branch of law.

II – The fundamentals of Cyber law

Cyber law or cyber-space law, as the name suggests, deals with cyber space. So the core of the matter is a technology driven segment while the external paraphernalia i.e. the law itself, is static and starts with where the technological elements end. To simply, technology brings a concept, say the simple concept of ‘linking’ web-pages and website etc., and then the law follows to deal with it. Like in this case, whether linking can lead to any legal liability. For example, there may copyright violation or trade mark violations in deep-linking etc.

Therefore the fundamentals of cyber law start from where the fundamentals of cyber-space end. Cyber-space defines the area or rather the spectrum where the cyber law would operate and therefore, for example, jurisdictional issues in cyber law are a concomitant of jurisdictional issues of cyber-space. To illustrate, no country has a right over cyber-space for technically cyber-space does not fall within the jurisdiction of any particular country. There may be a case that a server hosting a website may be located within the territorial confines of a particular country but the point is that once is has hosted the site, it has fallen into public domain, an artificial spectrum (which cyber space really is) and therefore no country has jurisdiction over it.

Conversely, however, cyber space is not Eiffel Tower that you can see it only by going to Paris. From any where in the world you can have access to cyber space (provided of course you have a phone line and a modem and yes, a computer). Therefore, speaking from this reverse angle, any and all countries have jurisdiction over the activities committed in the cyber-space, so long as the starting or the ending point was in their country. Thus, if Mr. G-space (operating from New York) copies a copy-right-protected video from the site of Ms. YTB (hosted from Sydney), and then publishes a morphed version of the video on his site (hosted in Brussels), the only countries which (legally speaking) would have the jurisdiction to deal with the matter would be of those three cities and none else, unless an over-enthusiastic court decides to poke its nose into the matter, not being situated within these three countries.

So this way cyber law is intrinsically connected with the manner in which cyber-space operates but for the qualification that this is only as regards the facts of the matter. The situation remains just like an ordinary law for questions of law. This is to say, that in our above example, while cyber space rules would only be illustrative in the decision as to which court has jurisdiction, the actually liability in any case would be defined by reference to the principles of intellectual property law alone.

To conclude, therefore, while cyber law is invariably and irrefutably related to cyber-space, its fundamentally actually being to operate from where the fundamentals of cyber-space lead them to. To paraphrase, they have a converging point but do not overlap. They being and end with the same objectives, but operate on different areas, one purely technological and concept based, the other purely convenience and policy based and operating on a conceptual framework provided by the other.

III – Legal framework of Cyber law

Cyber law is a very intricate subject to have a legal framework upon, not because of the fact that there is too much of technology involved but also due to the fact that cyber law does not fit under any specific branch of law and rather permeates into various and almost all different branches of all. For example, we have law of contracts, law of crimes, etc. as separate branches of law. However cyber law does not fit in any of these as it involves almost all branches of law to some extent or the other like electronic contracts, cyber offences etc., which are quiet capable of fitting themselves in other branches of law but then as a matter of practical perspective, are better dealt separately as a specific branch of law involving technology, i.e. cyber law.

So we have a legal framework for this branch of law which is intricate and varied. We have a law which deals with cyber offences as a part and parcel of criminal law or rather as a separate penal code in itself. We have a law which deals with electronic transactions of commercial sense or put simply, electronic contracts, which may either be incorporated in the contract law or be kept separate as a distinct subject. Then we have separate legal codes for those areas which do not strictly fall within the ambit of the generally invoked branches of law. Therefore we have law relating to liability of the ISP, liability of the e-auctions host, etc.

But why do we need to discuss this under the legal framework of cyber law. Because, the legal framework of cyber law does not exist as one. It instead exists as a varied and assorted group of separate legal codes which are united only through the underlying theme of technology. So while technically speaking the Information Technology Act, 2000 is the sole framework of cyber law in India, it is not so legally. Legally a portion of Indian Evidence Act, 1872 (when even the T.V. was not born, forget the World Wide Web) which deals with electronic evidence, a portion of tort law (dealing with cyber torts), etc. form the actual legal framework of cyber law in India. And this is not a case with India alone. It is the same across the world.

In fact it is not worthwhile to have an exhaustive code dealing with the legal aspects of cyber transactions. The reason is simple. Law cannot expect to match the pace of technology nor its participants. It should remain content with playing the second-fiddle, unless it wants to dwell into an unknown area where not principles but the need of the markets determines the next generation’s phase and outlook. Therefore law-makers across the world are content framing legislations on the areas which are quiet settled as far as cyber-transactions are concerned and once this is done, patch-up the existing legal codes with these developments. So we have an addendum to the existing legal codes for cyber transactions.

IV – Regulation of cyber-space

When ever the term regulations comes up, there always is a sense of an external entity watch the movements of ‘the regulated’ and always ready to pound up and play its part of imposing sanctions in order to bring the deviant behaviour in line with the standard notions of the regulated regime, in line with the principles of fair-play and mutual co-existence. Initially when the World Wide Web gripped nations and there were participants across the borders, there was a fear amongst the legal scholars as to how this new arena would be regulated. No single nation could work out a way to deal with the transactions even if they took place within their territorial regime as a multitude of mitigating or aggregating factors remained outside their boundaries.

Thus a need was felt for an international consensus on the issue. But then even that one was not forthcoming. Why? Because not all countries were involved in the ‘cyber-menace’ (as it was understood at that point of time from a regulatory perspective) nor were all technologically sound and willing to support an international consensus on the issue. So the idea of an international agreement/treaty or organization was done off. The world was amateur enough not to able to support one. So independent nations took the lead and started pressing the players in the cyber arena to come out with proposals such that the online traffic could be regulated.

This is how the various regulatory agencies were born, like ICANN for web domains, etc. But then these were private entities, made quasi-governmental by the manner and nature of functions they performed. This particular entity, ICANN was so engrossed in the regulation of web domains that it even came out with a dispute settlement mechanism and thus pioneered the idea of online-dispute-resolution, which was quickly adopted by e-bay and other online platforms providing for interaction of web-participants on a commercial scale. So the regulatory agencies of cyber space can be enumerated as; government; international agencies involved in regular interactions with the cyber-space; web-hosts, and you yourself (as you have agreed to regulate your conduct in the manner as prescribed by the host though whom you operate).

But then again, the question remains, what is the link amidst these various participants which allows the cyber space to work as a regulated regime. The answer to this intriguing question is equally intriguing. It seems the cyber-space is working out to balance itself. The participants conduct themselves in order and when there is a zealous actor crossing the limits, there is always a higher and stronger participant to kick the transgressor from the offending limits, may be by legal sanctions or simply by suspending the access. So we have regulators who are also regulated and then this probably seems never to end, just like a vicious circle with just the government may be at the top of affairs.

The above erratic description may not be sensed out to be regulation in true sense but then regulation it is; just that this is a different ball-game. This is obviously because the arena is complex and it is not in the interests of anyone to have it heavy guarded and face the risk that the entire structure may crumble under the weight of itself.