Social media intermediaries can't claim 'safe harbour' if fail to report child sexually explicit materials: SC

Read Time: 13 minutes

Synopsis

“Safe Harbour” protection means that an intermediary will not be held liable for any third-party information, data, or communication link made available or hosted by him

The Supreme Court in the significant September 23, 2024 judgment on the POCSO Act and child pornography, also held that a social media intermediary cannot claim exemption from the liability under Section 79 of the IT Act for any third-party information, data, or communication link made available or hosted by it, unless due diligence is conducted by it and compliance is made of the provisions of the POCSO Act. 

A bench of Chief Justice of India D Y Chandrachud and Justice J B Pardiwala said that such due diligence includes not only the removal of child pornographic content but also making an immediate report of such content to the concerned police units in the manner specified under the POCSO Act and the Rules thereunder.   

"In view of the overriding effect of the POCSO Act and the rules thereunder, merely because an intermediary is in compliance of the requirements specified under Section 79 of the IT Act, will not absolve it of any liability under the POCSO, unless it duly complies with the requirements and procedure set out under it, particularly Section 20 of POCSO Act and Rule 11 of the POCSO Rules," the bench said.

The court pointed out that it is a settled position of law, that when a statute describes or requires a thing to be done in a particular manner; it should be done in that manner or not at all. 

"Thus, social media intermediaries in addition to reporting the commission or the likely apprehension of commission of any offence under POCSO to the National Centre for Missing & Exploited Children (NCMEC) is also obligated to report the same to authorities specified under Section 19 of POCSO i.e., the Special Juvenile Police Unit (SJPU) or the local police," the bench said.

In the judgment that overturned the Madras High Court's decision to quash a criminal proceedings against a man for downloading and watching child-abusive materials, the top court bench said that the role of “intermediaries” as defined under Section 2(w) of the IT Act in checking the proliferation of child pornography is significant. 

The court noted that Section 79 of the IT Act, 2000 which relates to due diligence that is to be observed by an intermediary, provides an exemption from liability to such intermediaries in certain cases if they are in compliance with the due-diligence requirements prescribed under the said provision, more particularly sub-section (3)(b), this is known as the “safe harbour” protection or provision.

“Safe Harbour” protection means that an intermediary will not be held liable for any third party information, data, or communication link made available or hosted by him, it noted.

As per sub-section (2), in order to avail such protection, the intermediary foremost must not in any manner be involved in either initiating the transmission, or the receipt or the modification of the third-party data or information in question, and further is required to observe due diligence while discharging his duties under the IT Act and to also observe such other guidelines as the Central Government may prescribe in his behalf, the bench pointed out.

Subsection (3) (b) of the provision stipulates that if an intermediary receives actual knowledge or is notified by the appropriate government or its agency that any information, data, or communication link residing in or connected to a computer resource controlled by the intermediary is being used to commit an unlawful act, the intermediary must expeditiously remove or disable access to that material on that resource without compromising the evidence in any manner, the court added.

It further noted that the provisions further state that the protection under Section 79 lapses and does not apply if the intermediary has conspired or abetted or aided or induced, whether by threats or promise or otherwise in the commission of the unlawful act, or if upon receiving “actual knowledge”, or if the intermediary fails to expeditiously remove or disable access to that material on that resource without vitiating the evidence in any manner on being notified by the appropriate Government or its agency that any information, data or communication link residing in or connected to a computer resource controlled by the intermediary is being used to commit the unlawful act.

In this regard, the bench pointed out that Rule 11 of the Protection of Children from Sexual Offences Rules, 2020 places an obligation on the intermediaries to not only report offences under POCSO Act but also to hand over the necessary material including the source from which such material may have originated to the Special Juvenile Police Unit or the local police, or the cyber-crime portal. 

As per an MOU between the National Crime Records Bureau (NCRB) under the Ministry of Home Affairs (MHA) and the National Centre for Missing & Exploited Children (NCMEC), a US based NGO, all social media intermediaries are required to report cases of child abuse and exploitation to the NCMEC, which in turn reports these cases to the NCRB and the NCRB forwards this to the concerned State authorities in India through the national cybercrime reporting portal, the division bench highlighted.

Court said that it has been brought to its notice that social media intermediaries do not report such cases of child abuse and exploitation to the local authorities specified under POCSO and rather only comply with the requirements stipulated in the MOU. 

"In view of the salutary object and the mandatory character of the provisions of Section 19 and 20 of the POCSO read with Rule 11 of the POCSO Rules, we are of the considered view, that an intermediary cannot claim exemption from the liability under Section 79 of the IT Act for any third-party information, data, or communication link made available or hosted by it, unless due diligence is conducted by it and compliance is made of these provisions of the POCSO. We are also of the view that such due diligence includes not only removal of child pornographic content but also making an immediate report of such content to the concerned police units in the manner specified under the POCSO Act and the Rules thereunder," the bench said.

Case Title: Just Rights for Children Alliance & Anr Vs S Harish & Ors