By Stella Joseph, Prakhil Mishra and Surabhi Prabhudesai

The recent difference of opinion between the government and Twitter highlights the scrutiny that foreign e-commerce players face from multiple regulatory checkpoints in India, a trend that mirrors the global trend in this direction. . Since many entities in the digital space have an important consumer interface, one of the important compliance parameters for these entities is consumer protection legislation.

Recently, the Indian government has aggressively enforced consumer protection laws against e-commerce players. It is relevant to note that 148 notices were sent to them in the last three months for disclosure of “country of origin” on websites. However, an interesting point to consider is how consumer protection laws in India extend to foreign e-commerce / digital commerce players, especially those who otherwise have no physical presence in the country.

The Consumer Protection Act, 2019 (“CPA”) Was enacted for the purpose of protecting the interests of consumers in India against illegal business activities and unfair business practices and to enable prompt resolution of consumer-related disputes. It replaced the archaic three-decade-old law to encompass modern and contemporary ways of doing business that among others include the provision of goods and services through online selling or e-commerce, direct selling, multilevel marketing, tele-shopping, etc. in addition to all the conventional means that prevail today in the consumer market.

In order to accommodate and regulate the commerce which is rapidly evolving towards the online model, and in particular, without being hampered by geographic borders, the Indian government has notified the Consumer Protection (Electronic Commerce) Rules, 2020 (“Electronic communication rules“) under the CEA. Electronic commerce rules are intended to cover electronic commerce entities that own, operate or manage digital or electronic facilities or platforms for electronic commerce.

Coverage of e-commerce rules

To understand the coverage of CPA and E-Comm rules in general, it would be helpful to refer to the scope of those rules. The CPA extends to the whole country (with the exception of the State of J&K), and in view of this, Rule 2 (1) of the Electronic Communication Rules can be interpreted harmoniously for its s’ apply to entities established in India. It is crucial to note that Rule 2 (2) of the Electronic Commerce Rules very clearly extends the scope to an electronic commerce entity which has no establishment in India but which “consistently offers goods or services to consumers in India ”.

Interestingly, when the draft e-commerce rules were released in 2019 for stakeholder comments, they did not foresee such a broad scope. In light of this, it can be assumed that the inclusion of sub-rule (2) in rule 2 in the notified electronic communication rules is deliberate and aims to extend the applicability to foreign entities. This means that an e-commerce entity that has a consumer base in India is considered to fall within the confines of e-communication rules.

Extraterritorial scope of E-comm rules

In this context, a question that arises with such an inclusive scope of electronic communication rules is that of its extraterritorial applicability to entities which otherwise might not have a physical presence or establishment in India. Such an aspect can be the subject of intense debate if it is not understood in the light of the objective to be achieved by the legislator.

The above question can be analyzed in light of the power conferred on the Indian Parliament to pass laws concerning extraterritorial aspects or causes which may have some connection or connection with India. This question was debated at length by the Honorable Supreme Court in the case of GVK Industries Limited v. The Income Tax Officer and Anr., in which the Supreme Court enunciated the “rule of the connection” to test the validity of a law vis-à-vis extraterritorial applicability. In terms of the “nexus rule”, the Indian Parliament can exercise its legislative powers in relation to extraterritorial aspects which are expected to have an impact or consequences for

(a) Territory of India, or any part of India; or

(b) Interest and well-being of Indians and Indians

Given that the aim and objective of the CPA and the rules that flow from it is to protect the interests of consumers in India, it is possible to think that the extraterritorial applicability of E-comm rules may withstand the test of ” rule of the link “above. .

Coverage of foreign e-commerce entities under the rules

The question of which foreign e-commerce entities are covered by e-commerce rules remains to be considered. As mentioned above, Rule 2.2) specifically covers e-commerce entities not established in India but consistently offering goods or services to consumers in India. Therefore, few key parameters have been prescribed for a foreign entity that has no establishment in India but remains under the radar of E-comm rules. These parameters are:

1. Qualification as an “electronic commerce entity”:

Electronic commerce, as defined in the CPA as well as in the rules of electronic communication, covers any activity of buying or selling goods or services, including digital products over a digital or electronic network. The term “e-commerce entity” is broadly defined under the CPA to mean a person who owns, operates or manages such a digital or electronic facility or platform for e-commerce, and specifically excludes listed sellers. on the markets e-commerce entities to clarify.

2. Offering goods or services to consumers in India:

Primarily, the CPA is intended to apply to goods or services purchased by “consumers”, and this specifically excludes purchases made for commercial purposes. Thus, initially, the applicability is limited only to B2C sales made by foreign entities.

Unless government action or similar restrictions occur, most websites, including e-commerce websites, established in any part of the world can be accessed anywhere else. The mere fact that an Indian consumer is able to view and access a foreign e-commerce platform should not include such a platform under these electronic communication rules. The term ‘offer goods or services… in India‘, thus, becomes critical to delimit with precision. the General Data Protection Regulation (GDPR) enacted in the European Union has a similar scope with regard to the offering of goods or services to subjects in the union. Although in the context of data protection laws, recital 24 of the GDPR elucidates this concept as follows –

In order to determine whether a controller or processor offers goods or services to data subjects located in the Union, it should be checked whether it is obvious that the controller or processor intends to offer services to data subjects in one or more Member States in the Union. whereas the mere accessibility of the website of the controller, processor or intermediary in the Union, of an email address or other contact details, or the use of a language generally used in the third country where the controller is established, is insufficient for intent, factors such as the use of a language or currency generally used in one or more Member States with the possibility of ordering goods and services in that other language, or the mention of customers or users who are located in the Union, may show that the controller intends to offer goods or services to data subjects in the Union.

The text above provides some examples of relevant factors. In general, the test can be summarized as whether the platform managed by a foreign entity makes postings or allows arrangements that can be considered specific to the Indian context. However, in the absence of any clear clarification in the Indian context, this aspect remains subject to interpretation and therefore to future litigation.

1. An offer to be made systematically:

Another criterion is that of an offer to be made Systematically. “Systematic”, however, is an ambiguous and undefined term in this qualification and will be subject to interpretation. Again, since this term reflects that used in the GDPR, an interpretative reference can be made to the guidelines on data protection officers adopted by the GDPR. European Union Article 29 Data Protection Working Group. These guidelines specify that the term “systematic” includes one or more of the following

1. Occurring according to a system
2. Pre-arranged, organized or methodical
3. Taking place within the framework of a general plan […]
4. Carried out as part of a strategy

In general, a systematic offer of goods or services can be one that is undertaken on a regular basis and within the framework of the activities of the entity. One-off transactions outside the general framework of the activities carried out by the foreign entity cannot create any liability under the rules of electronic communication, although such an interpretation may vary depending on the facts and on a case-by-case basis.

Compliance is the key

Considering the points discussed in this article, it would be essential that foreign e-commerce entities that have regular transactions with end consumers in India consider updating their compliance in accordance with the trade rules display and processing requirements. electronic. There is a lot of room for ambiguity and interpretation that could ultimately lead to protracted litigation. A careful reading and interpretation of the laws will be the immediate demand.

Read also

Stella Joseph (partner), Prakhil Mishra (partner) and Surabhi Prabhudesai (partner) are lawyers of Practice of economic law, Mumbai. The views of the authors are personal.