By Stella Joseph, Prakhil Mishra, and Surabhi Prabhudesai
The recent difference of opinions between the Government and Twitter brings to fore the increasing scrutiny that foreign digital/e-commerce players are facing from multiple regulatory check-points in India, a trend which is mirroring the global current in that direction. Since many entities in the digital space have a prominent consumer interface, one of the significant compliance parameters for such entities is consumer protection laws.
Recently, the Government of India has been aggressively enforcing consumer protection laws against e-commerce players. It is pertinent to note that 148 notices been issued to them in the last three months for disclosing ‘country of origin’ on the websites. However, an interesting point to examine is how consumer protection laws in India extend to foreign digital/ e-commerce players, especially those who otherwise have no physical presence in the country.
The Consumer Protection Act, 2019 (“CPA”) has been enacted with the aim of safeguarding the interests of consumers in India against unlawful business activities and unfair trade practices and to serve speedy resolution to consumer-related disputes. It replaced the three-decade archaic law to encompass modern and contemporary modes of conducting business which inter alia include providing goods and services via online sales or e-commerce, direct selling, multi-level marketing, teleshopping, etc. in addition to all the conventional means prevalent in the consumer market today.
In order to accommodate and regulate trade that is making a quick shift towards the online model, and particularly, without being hindered by geographic boundaries, the Government of India notified The Consumer Protection (E-commerce) Rules, 2020 (“E-comm Rules”) under the CPA. The E-comm Rules intend to cover such e-commerce entities who own, operate, or manage digital or electronic facilities or platforms for electronic commerce.
Coverage of E-commerce Rules
To understand the coverage of CPA and E-Comm Rules in general, it would be fruitful to refer to the scope of these rules. The CPA extends to the entire country (except the State of J&K), and in view thereof, Rule 2(1) of the E-comm Rules can be harmoniously read to apply to entities established within India. It is crucial to note that Rule 2(2) of E-commerce Rules very clearly extends the scope to an e-commerce entity having no establishment within India but which “systematically offers goods or services to consumers in India”.
It is interesting to note that when the Draft E-commerce Rules were released in 2019 for comments from stakeholders, it did not provide for such an expansive scope. In light of this, it may be assumed that the inclusion of Sub-Rule (2) in Rule 2 in the notified E-comm Rules is deliberate and intended to extend the applicability to foreign entities. This means that an e-commerce entity which has a consumer base in India is deemed to be brought within the precincts of E-comm Rules.
Extra-territorial reach of the E-commerce Rules
Set against this context, a question that arises with such inclusive scope of E-comm Rules is one with respect to its extra-territorial applicability on the entities which otherwise may not have a physical presence or establishment in India. Such an aspect may become a matter of intense debate if not understood in light of the purpose to be achieved by the Legislature.
The above question can be analysed in light of the power vested with the Parliament of India to enact legislation with respect to extra-territorial aspects or causes which may have a nexus or connection with India. This issue was extensively deliberated by the Hon’ble Supreme Court in the matter of GVK Industries Limited v. The Income Tax Officer & Anr., wherein the Apex Court has laid down the “nexus rule” to check the validity of a law vis-à-vis extra-territorial applicability. In terms of the “nexus rule”, the Indian Parliament may exercise its legislative powers with respect to extra-territorial aspects which are expected to have some impact or consequences for
(a) Territory of India, or any part of India; or
(b) Interest and welfare of inhabitants of India, and Indians
Considering that the purpose and objective of the CPA and rules thereunder is to shield the interest of the consumers in India, it is possible to reason that extra-territorial applicability of the E-comm Rules may stand the test of the above “nexus rule”.
Coverage of foreign e-commerce entities under the rules
The question as to which foreign e-commerce entities are covered by the E-comm Rules remains to be examined. As mentioned above, Rule 2(2) specifically covers e-commerce entities not established in India but systematically offering goods or services to consumers in India. Consequently, few key parameters have been prescribed for a foreign entity which has no establishment in India but still comes under the radar of the E-comm Rules. These parameters are:
Qualification as an ‘e-commerce entity’:
E-commerce, as defined under the CPA as also the E-comm Rules, covers every activity of buying or selling of goods or services including digital products over a digital or electronic network. The term ‘e-commerce entity’ is broadly defined under CPA to mean a person who owns, operates, or manages such a digital or electronic facility or platform for e-commerce, and specifically excludes sellers listed on marketplaces e-commerce entities to clarify.
Offering goods or services to consumers in India:
Primarily, the CPA is intended to apply to goods or services purchased by ‘consumers’, and this notably excludes purchases made for commercial purposes. Thus, at the outset, the applicability is confined only to B2C sales effected by the foreign entities.
Barring governmental action or similar restrictions, most websites, including e-commerce websites, established in any corner of the world are accessible anywhere else. Merely because an Indian consumer is able to view and access a foreign e-commerce platform should not bring such a platform within the ambit of these E-comm Rules. The term ‘offering goods or services … in India’, thus, becomes critical to demarcate accurately. The General Data Protection Regulation (GDPR) enacted in the European Union culls out a similar scope in respect of the offering of goods or services to subjects in the Union. Although in the context of data protection laws, Recital 24 to the GDPR elucidates this concept as follows –
In order to determine whether such a controller or processor is offering goods or services to data subjects who are in the Union, it should be ascertained whether it is apparent that the controller or processor envisages offering services to data subjects in one or more Member States in the Union. Whereas the mere accessibility of the controller’s, processor’s or an intermediary’s website in the Union, of an email address or of other contact details, or the use of a language generally used in the third country where the controller is established, is insufficient to ascertain such intention, factors such as the use of a language or a currency generally used in one or more Member States with the possibility of ordering goods and services in that other language, or the mentioning of customers or users who are in the Union, may make it apparent that the controller envisages offering goods or services to data subjects in the Union.
The above text sets out certain examples of relevant factors. Broadly, the test may be summed up as whether the platform maintained by a foreign entity makes any displays or allows for any accommodations to it which may be viewed as being specific to the Indian context. However, in the absence of any clear clarification in the Indian context, this aspect remains subject to interpretation and hence future litigation.
An offering to be made systematically:
Another criterion is that of an offering to be made Systematically. ‘Systematic’, however, is an ambiguous and undefined term in the present qualification and will be open to interpretation. Once again, since this term is reflective of that used in the GDPR, an interpretative reference may be drawn to the Guidelines on Data Protection Officers adopted by the European Union Article 29 Data Protection Working Party. These guidelines elaborate on the term ‘systematic’ as including one or more of the following
- Occurring according to a system
- Pre-arranged, organised, or methodical
- Taking place as part of a general plan […]
- Carried out as part of a strategy
Broadly, a systematic offering of goods or services may be that which is undertaken regularly and in the course of business of the entity. One-off transactions outside of the general scope of business carried on by the foreign entity may not create any liability under the E-comm Rules, although such an interpretation would vary as per facts and on a case-to-case basis.
Compliance is the key
Given the points discussed in this article, it would be essential for foreign e-commerce entities that have regular transactions with end-consumers in India to consider updating their compliance in line with the display and process requirements under the E-commerce Rules. There is a lot of scope for ambiguity and interpretation which might ultimately lead to drawn-out litigations. Careful reading and interpretation of the laws will be the immediate ask.
Stella Joseph (Partner), Prakhil Mishra (Associate), and Surabhi Prabhudesai (Associate) are lawyers from Economic Laws Practice, Mumbai. The views of the authors are personal.