Delhi High Court Directs MEITY and DoT Take Action Against Domain Name Registrars for Not Conforming with IT Rules
The Delhi High Court vehemently directed the Ministry of Electronics and Information Technology (MEITY) and Department
Delhi High Court Directs MEITY and DoT Take Action Against Domain Name Registrars for Not Conforming with IT Rules
The Delhi High Court vehemently directed the Ministry of Electronics and Information Technology (MEITY) and Department of Telecommunications (DoT) to take action in accordance with Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 against domain name registrars (DNRs) who are not adhering with the Rules.
The single judge Justice Pratibha M Singh was hearing set of suits filed by large number of trademark and brand owners, seeking reliefs against misuse of their marks / names / brands by unauthorized persons, who register such marks as part of their domain names.
The primary issue that arose in these cases was that the proliferation of these fraudulent and illegal domain names had resulted in enormous damage to innocent and gullible members of the public, who mistakenly paid large sums of money to the said website owners/domain name owners. From time to time, directions have been issued by the Court for blocking and for removal/suspension of the domain names and pulling down of the websites.
The Court had noted that the details for the persons registering the illegal domain are usually not available on the website. In view of the same, vide order dated 3rd August, 2022, recommendations were to be given by MEITY after consulting various stakeholders, including the Controller General of Patents, Designs, and Trade Marks (CGPTDM), DOT, National Internet Exchange of India (NIXI), Delhi Police, etc.
Furthermore, as recorded in the order dated 14th September, 2022 an aspect to be considered by the MEITY and DoT, was the issue of whether grievance officers had been appointed by the DNRs and in case of no information regarding the same, MEITY was to take steps in accordance with law. A status report detailing the steps taken by MEITY was also to be filed. The said status report reflecting the action taken by the MEITY had been placed on record before the Court.
The Court noticed that there are two sets of DNRs operating in India:
(i) The first sets of DNRs are those who offer various Global Top Level Domains (GTLDs) such as (.com), (.net) and (.org). Some such DNRs have agreed to appoint grievance officers and implement orders passed by Indian Courts/Authorities. However, a number of DNRs have either not responded to MEITY or have belatedly refused to comply with the orders passed by the Court.
(ii) The second set of DNRs which operate in India are (.in) DNRs. In so far as (.in) DNRs are concerned, they are stated to have appointed Grievance Officers, as reflected in MEITY's report.
In view of the aforementioned facts which came to light through MEITY's status report, the Court observed, "it is clear that stringent steps would be required to be taken, in order to curb the menace of illegal domain name registrations having well known marks and names of business houses."
It accordingly directed that MEITY/DoT/the appropriate authority shall take steps action in accordance with the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 against DNRs who do not agree to comply with the said Rules or do not appoint grievance officers or implement orders of Indian Courts/Authorities.
Directing that the steps against in terms of the Rules be taken within four weeks, the court also sought a status report from MEITY on the action taken as per the directions.
Following this, the Court emphasized on the issue that in many cases, there was a mismatch between the name of the account holder of the bank account, and the name given in the billing details.
The judged noted, "the fact that whenever payments are made into a bank account, the name of the account holder and the name of the recipient are not matched and it is only the account number which is matched, is leading to innocent consumers being duped. From the submissions made it appears that currently there is no verification done by banks qua the name of the account holder at the time of payment transaction."
Mr. Ramesh Babu, ld. Counsel appearing for Reserve Bank of India (RBI) submitted the stand of the RBI is that various guidelines in respect of Real Time Gross Settlement (RTGS) and National Electronic Funds Transfer (NEFT) transactions have already been issued and guidelines are regularly issued from time to time in respect of mandatory compliances that are to be affected by banks at the time of opening of accounts etc.
Insofar as the question as to whether both the beneficiary account number and the account holder's name have to match while receiving payments or deposits, into a particular account was concerned, the stand of the RBI was:
"It is most humbly submitted that the RBI has not issued any specific instruction advising banks to ensure that the name of bank account holder and the names in the billing details correspond with each other."
Ld. counsel for the Plaintiffs, however, submitted that the entire difficulty arose because banks only seek to match the account number while accepting payments through online, electronic, and offline modes and do not verify the name of the beneficiary and match the same with the account holder's name.
Hence, the Court opined that the RBI needs to take steps to curb malpractices where amounts have been accepted by banks in the names of well-known companies but the bank account stands in the name of third party.
The Court asked the counsel appearing for RBI to seek instructions as to whether the regulatory authority can issue guidelines making it mandatory for banks to match beneficiary's name or name in the billing details with the account holder's name "and not merely the account number" whenever banks accept online or offline payments.
"All the DNRs who are appearing before the Court would seek instructions and make submissions on the next date of hearing as to whether privacy protection feature masking the details of the Domain Name Registrant is being automatically offered or is the concerned Domain Name Registrant required to 'choose' the said feature by a positive act as per the policies which they are following", directed Court and listed the matter for 27th March, 2023.