Coupon Accepted Successfully!

Identifying jurisdiction in the Cyberspace
Jurisdiction related issues and the structure of the internet

Before moving onto the issues arising pertaining to jurisdiction, an understanding of the structure of the internet is important.

i)  Structure of the internet – where are websites located?

(Those who already understand the technological framework and structure of the internet may skip this discussion and move to the next section.)

This part explains the structure of the internet - a website is registered with a Registry by a particular entity (Owner), who may be located anywhere in the world. There is only one registry for a particular kind of domain name. The registry is identified by the top-level domain (TLD) of any website. The top-level domain is identified by the letters at the end of the website, for example, google.com has ‘.COM’ as the top-level domain. Other examples of TLDs are.net, .edu, .tv, .biz etc. These are known as generic TLDs, and their registries are located in the US.

Similarly, country code TLDs (ccTLDs) have been created for different countries, and they are maintained and administered by domestic body within the country to which they pertain. For example, .in, .uk, .de, etc. are managed by India, UK and Germany respectively. 

Owners cannot register websites directly with the Registry, but must approach through a registrar (Registrar).Internet service providers and hosting providers often provide services of registrars as well. For example, BigRock and Indialinks act as registrars and also provide hosting services. Owners need not use the hosting services provided by the Registrar and are free to use hosting services from an independent provider such as Hostgator. For registration of a domain name, a user has the option to choose from various Registrars who are registered with a body called Internet Corporation for Assigned Names and Numbers (ICANN).

ii)  Location of online content

Say, there is a major deals site called ‘dealslawyer.in’ - does the ‘.in’ in its domain name imply that the content is hosted in India? No - it simply means that the .in registry (and not the content on the site) is maintained by the Indian entity that manages .in domains (National Internet Exchange of India or NIXI). The content could be physically hosted on servers anywhere across the world, and domain name may be owned by an individual or entity belonging to any country.

The content for a particular website is hosted on ‘servers’ of the hosting services provider. For example, Hostgator, one of the largest web-hosting services in the world, has its servers based in Houston and Dallas in Texas, US. In addition, it also uses servers from a service known as CloudFlare, which enables users across the world to access websites from servers in different geographical locations.

From the perspective of a regulatory authority, a user of a website or any third party, the location of the content he plans to access may not be predictable in advance as it can continuously vary. Hence, location of the intermediaries is a more practical solution for determining jurisdiction.

iii) Why is the structure of the internet important?

The structure of the internet is relevant for the following purposes –
  • Determining the territorial location of the content, or the location of the entity which is hosting the content (e.g. the relevant website or the social media network). This determination is relevant because as per the law of most countries, the location of the wrong-doer, or the ‘place’ where a wrong is committed are locations where legal proceedings can be initiated against the wrong-doer.
  • Determination of who the intermediaries (that is, entities which enable users to ‘access’ the content) are, and where they are located. Intermediaries are required to comply with information technology laws in the country of their operation. Irrespective of where the content is located, access to the content is provided by intermediaries, who are subject to the law of the state where they are based.
Increasingly, any malicious activity on websites is being tackled by approaching the relevant intermediaries who enable ‘access’ to the content, as that is more practical. Determination of the territorial location of the specific offending content can be very difficult (and the advent of cloud computing has added to this complexity).

Example 1

Consider an Indian business which sells products in India as well as in international markets, including the US. Imagine that a US-based competitor of an Indian business has a huge fan following on a recent micro-blog site called Fleeter.com (which is like Twitter), and posts a derogatory status message, which is extremely harmful for the sales and commercial reputation of the Indian entity. Fleeter does not have an entity situated in India. What action can the Indian business take?


Legal proceedings that can be initiated in respect of a particular act have typically depended to a large extent on the location of the wrong-doer – in this case, it would be based on the location of the entity operating the website (or the servers hosting the website).

Therefore, if information is accessible in a location which is outside the country of operation of that entity, it may be extremely difficult to regulate the content or actions taken on the website– since neither the micro-blogging website nor the US competitor have any operational connection with India (apart from the fact that their content is accessible in India).

It may be easier to regulate larger internet companies such as Google and YouTube because they may have an Indian entity, servers in India or a long-term commercial interest in India, and therefore they may not encourage violation of Indian law or the rights of Indian users. With respect to smaller companies, or others which do not have strategic interest in a particular location, it can be very difficult. 



NoteIn such cases, one of the possible ways to tackle the problem (this may require basic knowledge of the law of other jurisdictions in some cases, particularly US law) is for the Indian business to send ‘take down notices’ to the website, or the server, registry or the hosting services provider, as the website is registered with the “.com” registry (the “.com” registry is based in the US) (we will discuss takedown notices in more detail later).



Example 2

Imagine that a Russian citizen writes something defamatory about an Indian author (who is world-famous for his books), which is published by an American news site which is accessible globally.

If the Indian author wants to sue the Russian, which country’s courts should he approach? The Indian author would ideally prefer suing the Russian (and the American news site) in an Indian court, which is easier for him logistically. Can he sue in India, or does information technology law require him to sue in another jurisdiction, such as:
  • Russia (because the person who wrote defamatory content resides in Russia), or
  • US (because the news site is in the US), or
  • in any other country where he can prove that his reputation has been damaged

    Example 3
If an Indian citizen bought a video camera online from Amazon (in US) which turned out to be defective, where should he sue to recover his loss? Would the situation be any different if he had purchased the camera on eBay US from a Chinese seller?

As evident from the examples above, a jurisdiction issue typically arises in transactions involving citizens and computer systems located in multiple countries, that is, “In that courts of which country/ state can the business initiate legal proceeding?” Or, “In which countries can users sue the business?”). The business would like to sue or be sued in its home turf as far as possible (we will discuss how this goal can be achieved in this chapter).

Another important consideration is whether it is practically feasible for the average user to initiate a legal proceeding. For a business which maintains an online presence and has a global audience, it is important that:
  1. it is able to prevent disruptive or mischievous actions on its website (or other forms of online presence) from entities across the globe - such as unauthorized tampering of the website and
  2. it is able to prevent itself from being sued for a wrongful action in potentially every country where its content is accessible (as far as possible).
The question of jurisdiction is also important because an entity selling products/ services online to an international market may have to comply with regulatory laws of multiple jurisdictions, including locations where it sells its products (or where its customers are based), irrespective of whether or not it has a direct business presence (say, by way of an office) or so.

Due to the cross-border nature of internet and e-commerce, these situations have started arising very frequently.

Information technology law textbooks written by English and American authors point to numerous cases where it may be difficult to identify whether courts of a particular country can exercise jurisdiction with respect to a particular action at all, or which one of many countries can legitimately exercise jurisdiction in a particular instance.

However, for a working understanding, in a majority of the instances the jurisdiction of courts and the country in which legal proceedings can be initiated for a particular action can be understood in light of the ‘type’ of legal claim, as follows:
  • For contractual claims (that is, claims arising out of a sales or service agreement), an entity can contractually specify (in the Terms of Service or Terms of Use section), the country where legal action can be initiated. It may state that any claims may be initiated exclusively in the courts of that country only. For preventing ambiguity, the user must be notified of the terms immediately before the sale and required to agree to them(see the discussion on browsewrap contracts in the following chapters for more details on this).

    Any business which sells products or services on the internet can include in its ‘terms of service’ (or a similar document) a clause stating that legal proceedings can only be initiated in the country where the business has its operations or where it is incorporated. 
  • With respect to regulatory compliance (for example, for an e-commerce website), a business will not be able to ‘select’ the legal system which applies to it. Apart from complying with the legal system where it is incorporated (or where it has operations) it may also have to comply with the law of other countries where it operates or maintains any kind of presence. Maintaining presence includes selling to particular markets without necessarily maintaining physical presence through an office, etc. in such markets. What about businesses which merely convey information to users in other countries and have no presence? For the answer to this question, see the discussion below under the head Jurisdiction with Respect to Interactive Websites.
  • Criminal Law claims- The IT Act applies to any offence or contravention committed outside India by a person (irrespective of his nationality), if his actions involve a computer, computer system or network located in India.See Sections 1 and 75, Information Technology Act, and Section 4, Indian Penal Code.
    In addition, Indian law will apply to a person who has committed any action using the internet, which qualifies as an offence under the Indian Penal Code (e.g. credit card fraud, data theft, etc.), if the person is:
  • An Indian citizen (irrespective of which country he resides), or
  • A foreigner who has committed the offence in India, or
  • If the offence targets a computer resource located in India.

Jurisdiction with respect to interactive websites

Are websites which do not have physical presence in India amenable to the jurisdiction of Indian courts? Indian courts have in some instances claimed jurisdiction over entities which do not have any operations or presence in India except for allowing Indian viewers to browse their website, if the website is not a mere static website but an interactive one.

The Delhi High Court has made some observations which provide useful guidance in this regard. It has held that where the website was an interactive one, as opposed to one merely conveying information (e.g. a static website) – therefore, where the target audience and a large consumer base of the website was located, the court could exercise jurisdiction over the matter, irrespective of the location of the defendant (India TV) Independent News Service Pvt. Limited v. India Broadcast Live LLC And Ors, 2007 (35) PTC 177 (Del.)) The level of interactivity of the website was held to be of vital importance. In another case, (Banyan Tree Holding (P) Limited v. A. Murali Krishna Reddy and Anr, Delhi High Court) of the court clarified that merely accessing a website in Delhi would not provide jurisdiction to Delhi courts to try disputes. Rather, it has to be shown the use of the website by creator of the website was with intent to conclude a commercial transaction with the site user, and such use resulted in injury or harm to the user.

The Delhi High Court appears to point to two factors that can enable a court to exercise jurisdiction over an entity which conveys information through its website to users within the jurisdiction of that court (even though the website may not have physical business presence in that location):

1) The level of interactivity of the content for the users who access the website through a particular jurisdiction. The court may have used the expression ‘interactivity’ in a broad sense, to include situations where a website is responsive or customizes itself to a specific user.

2) The intention to enter into a commercial transaction with a user in that jurisdiction.


Test Your Skills Now!
Take a Quiz now
Reviewer Name