The past decade has witnessed a growing popularity of online learning as an additional tool of education apart from the traditional classroom setup. This popularity has given way to a number of EdTech companies entering the market and increasing the options for the consumers to choose from. The onset of the COVID-19 pandemic propelled the popularity of this learning medium as students sitting anywhere could access educational materials with a few clicks.
With the growing success of e-commerce businesses in India, the government felt the need to bring in a regulatory mechanism with the aim to prevent unfair trade practices in e-commerce and to protect the interests and rights of consumers. For this purpose, the Consumer Protection (E-Commerce) Rules, 2020 were introduced. It is essential to see where these rules stand in relation to the EdTech companies and what the effect of these rules will be on the working of this sector as well as the benefits and protection that it will bring in for the consumers.
Before going into the question of whether EdTech companies can be governed by the Consumer Protection Act and the corresponding rules, it is important to delve into the question of whether education can be said to be a service. The Indian judiciary does not have a static answer to this question. In the case of P. Sreenivasulu & Anr. v. P.J. Alexander & Anr.1, the Supreme Court held that educational institutions would come within the purview of the Consumer Protection Act, 1986 and that education is a service. But a contrary view was taken in the case of P.T. Koshy & Anr. v. Ellen Charitable Trust & Ors.2, where the Supreme Court held that students are not ‘consumers’, ‘education’ is not a commodity and educational institutions are not rendering ‘service’. However, decisions by the Consumer Dispute Resolution Commissions even post the P.T. Koshy ruling have observed contrasting opinions in this regard.
That being said, it is put forth that the conflicting opinions and the ambiguity surrounding the question as to whether education is a service would not have a heavy bearing on the discussion regarding the applicability of consumer protection laws to Edtech companies. This is due to the fact that the main idea behind the judicial pronouncements which viewed education outside the definition of service was consistent; that the impartation of education cannot be a commercial activity and neither is education an economic good. However, the case at hand is not concerned with any educational institution whatsoever; these EdTech platforms are rather akin to a coaching centre. Therefore, there are no grounds to support the contention that Edtech companies cannot be said to be providing a service.
This idea was discussed by the National Consumer Disputes Redressal Commission in Manu Solanki v. Vinayak Mission University3, wherein it was said that matters concerning educational institutions cannot be entertained by the Consumer forum. It was viewed, however, that coaching classes do not fall under the ambit of education as defined by the seven judge bench of the Apex Court in P.A. Inamdar4. They cannot be treated on par with educational institutions such as schools and colleges that are regulated by a regulatory authority where the students are conferred with a degree/diploma after the conduction of examinations. Hence, allegations of defect, unfair trade practice or deficiency against a service provider like a coaching centre would fall within the jurisdiction of the Consumer fora.
Therefore, the question regarding whether educational institutions would be subject to consumer protection laws, that is currently pending before the Supreme Court in Manu Solanki v. Union of India5 would not affect the present discussion as it is clear that EdTech companies are not deemed to be educational institutions. In that backdrop, it is pertinent to highlight the framework under the new E-Commerce Rules.
A background analysis of the factors that necessitated the introduction of the rules would present a clearer picture as to its significance. The need for the rules can be traced back to the introduction of the Consumer Protection Act (CPA), 20196 itself. The 2019 Act has an expanded scope of application in comparison to the 1986 Act. Firstly, the 2019 Act brings under its ambit e-commerce and electronic service providers. The Act also expands the scope of Unfair Trade Practices (UTP) to include instances of privacy violations. This is embodied in the provision dealing with UTPs that now cover disclosure of consumer’s personal information given in confidence to another person.7 Refusal to withdraw deficient goods or services within the limited period stipulated would also amount to an Unfair Trade Practice.8 Another addition to the Act is the protection offered to consumers against unfair contracts.9 The increased scope of the Act paved the way for the framing of rules that specifically address e-commerce entities and outline their duties explicitly. The applicability of these provisions and rules to the EdTech sector shall be elaborated at a later point in this article.
Section 2(16)10 of the Consumer Protection Act, 2019 defines e-commerce to mean “buying or selling of goods or services including digital products over digital or electronic network”.
Section 9411 of the Act provides that the Central Government has the power to take appropriate measures for the purpose of preventing unfair trade practices in e-commerce, direct selling and to protect the interest and rights of consumers. In pursuance of this section, the Ministry of Consumer Affairs, Food and Public Distribution notified the Consumer Protection (E-Commerce) Rules, 2020 on 23rd July 2020 under the Consumer Protection Act, 2019 with a view to formulate rules for entities that transact in the digital space. Rule 3(1)(b) of the 2020 Rules defines an e-commerce entity to mean “any person who owns, operates or manages digital or electronic facility or platform for electronic commerce, but does not include a seller offering his goods or services for sale on a marketplace e-commerce entity”.
As the business of EdTech companies is based on providing online tutoring and skill based training to the consumers for a fee, these companies can be said to be providing services and thereby carrying out e-commerce within the definition provided under the Act and hence, correspondingly can be said to fall under the definition of e-commerce entity under the 2020 Rules.12 The EdTech platforms provide a service in exchange for a predetermined fee and hence, are governed by the Act.
The Rules further distinguish between two types of e-commerce entities: inventory e-commerce entity and marketplace e-commerce entity. Rule 3(f) defines inventory e-commerce entity to mean “an e-commerce entity which owns the inventory of goods or services and sells such goods or services directly to the consumers and shall include single brand retailers and multi-channel single brand retailers” and rule 3(g) defines marketplace e-commerce entity to mean “an e-commerce entity which provides an information technology platform on a digital or electronic network to facilitate transactions between buyers and sellers”. The nature of EdTech companies is such that they can fall under either of these definitions. These companies, being service providers which offer their programs on an electronic platform, can be said to be inventory based e-commerce entities while on the other hand, the companies that act as a bridge between tutors from various institutions and consumers can be categorised as marketplace based e-commerce entities. The Rules stipulate varying compliances depending on the type of e-commerce entity.
This bifurcation is based on the business model of e-commerce entities- B2B and B2C. Simply put, B2B refers to business dealings between two businesses whereas B2C refers to the business to consumer model. Depending upon which definition they fall under, the FDI policy varies. 100% FDI is allowed for B2B companies13, not so in the case of B2C companies14.
The 2020 rules will prompt such companies to adhere to the various requirements that are applicable to e-commerce entities. The Consumer Protection Act, 2019 was enacted with the aim to provide for the protection of the interests of consumers. Hence, consumers will now have a platform for the redressal of any grievances that they might have against EdTech companies. The essential point to note here is that services which are offered free of charge cannot be governed by the provisions of the Act. This is an important consideration as platforms such as YouTube host various channels which are dedicated to offering educational content and vocational videos. This cannot be brought under the purview of the Act so long as these services are provided free of charge. This is for the simple reasons that CPA 2019 excludes services offered for free and many channels genuinely spread informative content without any intent of commercialisation and such entities should not be put to peril. But the question that remains to be answered is, what rules will be directly applicable to the EdTech companies.
There have been sparse instances of legal action against EdTech Companies under the Consumer Protection law. In Joginder Singh Saini v. Byju’s Think & Learn Pvt Ltd15, the District Consumer Disputes Redressal Forum was faced with the complaint of deficiency in service against an EdTech company. The complainant had purchased the services of the respondent where he had to pay a sum of Rs. 3000/- and provide the details regarding his credit card so that the rest of the amount for the course could be deducted in instalments. The complainant did not like the method of teaching adopted by the company and made repeated requests to terminate the service. However, the company paid no heed and amounts were periodically deducted from the applicant’s account. On an application, the consumer forum found merit in the complainant’s contentions of deficiency in service and harassment and the opposite party also did not appear before the court. The forum ordered for refund of amounts deducted and to indemnify the litigation expenses of the applicant.
In Anurag v. Byju’s The Learning App16, the consumer was provided with an option to discontinue the course after a trial period. When the consumer wanted to terminate the services of the company due to him not being able to afford to pay the instalments and communicated the same, the opposite party did not pay heed to them and continued to deduct amounts. The court found deficiency in service and unfair trade practice and ordered for the refund and litigation expenses to be paid. Suits against such practices have only been pursued in sparse cases and that too on limited grounds.
In that regard, an exclusive set of rules that cover EdTech companies under its ambit would be instrumental in furthering the objective of Consumer Protection Act, 2019. The rules target specific issues that are unique to e-commerce entities, including EdTech companies and aim to tackle them by mandating adherence to strict principles.
Consistent issues with e-commerce include misleading advertisements, fake consumer reviews and ratings. Due to this, consumers are almost always unaware of the genuineness of an article or a service provided by such entities. Rule 6 and 7 of the E-Commerce Rules directly address these issues. Under these rules, the EdTech company can no longer falsely represent itself as a consumer and post reviews.17 The platforms are also obligated to provide refunds if the goods and services are defective or if they are not of the characteristics or features as advertised.18 Further, there is a duty cast upon these entities to advertise in an honest manner where they are to stick with actual characteristics, access usage of goods/services offered. Transparency is also required in providing the total price in a single good or service along with breakup price, showing all the compulsory and voluntary charges such as delivery charges, postage and handling charges, conveyance charges and the applicable tax, as applicable.19
The biggest concern associated with e-commerce is the protection of private data of consumers. Many sites collect personal information of the users for the purpose of providing a personalised user experience. This information ranges from their names, addresses, credit information etc. The host server often stores information regarding the frequency of the users visiting the site and moreover, many of these websites make use of third-party cookies which collects information regarding the browsing habits of the users and makes use of such information to feed user-targeted advertisements.20
In the case of EdTech companies, the need for protection of the user data only increases as the consumers are quite often minors who do not have the requisite ability to be vigilant about the protection of their private information. The privacy policies of these companies are designed in such a way that they assume that the users have the ability to understand the terms of use and consent to the use of their personal information to access the services offered. This puts the minor users in a vulnerable state as they are not informed enough to understand the implications of giving consent to such privacy policies. In the recent past, EdTech platforms such as Unacademy and Vedantu have suffered data breaches which have led to user information landing up on the dark web for sale.21
Section 2(47) of the 2019 Act directly addresses data privacy issues and can be made applicable to hold the Edtech companies accountable in such situations. The provision enumerates that disclosing any personal information given in confidence by the consumer shall be an unfair trade practice unless such disclosure is made in accordance with the provisions of any law.22 This provision would apply to EdTech companies by way of Rules 2(1)(d) and 8 of the E-Commerce Rules that provide that the rules apply to any UTP across all models of e-commerce and that the provisions of the 2019 Act shall be applicable for any violation of these rules.
An essential distinction is to be made when it comes to platforms providing free content and those that provide content for a charge. Even though the CPA, 2019 does not apply to organisations that provide educational content for free, privacy issues persist irrespective of whether the service is provided for a fee or if it is offered free of charge. Though entities offering a free service would not fall under the ambit of the rules, they would still be governed under laws that protect the privacy of individuals.
The Information Technology Act, 2000, being a 21 year old law, has been unable to keep up with the rapid changes in information technology and is not sufficient to address the emerging challenges in the field of data privacy and protection. The Personal Data Protection Bill, 2019 was introduced with the aim to provide statutory protection for privacy of individuals relating to their personal data. The Bill lays down the manner in which personal data of individuals is to be collected, processed, used, disclosed, stored and transferred.23 This Bill is applicable to Indian as well as foreign companies which process personal data of individuals in India and hence, would cover EdTech companies within its ambit. The Bill has incorporated the Privacy by Design policy under which the companies dealing with personal data of individuals have the responsibility to incorporate data protection and privacy mechanisms in the data collection and storing system right from the beginning. The Bill also obligates data fiduciary to verify the age and obtain the consent of the parents/guardians of children before processing their personal data24. But the Bill is yet to be passed.
The introduction of the e-commerce rules places an increased responsibility on the conduct of business by EdTech companies that have grown and profited tremendously, especially during the coronavirus pandemic. The CPA, 2019 and the 2020 rules ensure that the consumers are not put at a disadvantageous position owing to their weak bargaining power and the dominant position of these companies.
Regulation of EdTech companies has been achieved by legislations and rules on consumer protection and data privacy rules in many jurisdictions. Since a large portion of the target audience of such entities are children, jurisdictions such as the US25 and the EU26, through their legal framework, obligate EdTech companies to observe reasonable data security practices. Some of these practices include obtaining parental/guardian consent prior to the collection of certain types of information for the purpose of protecting student accounts from hackers and other unsavoury elements on the internet. Though India does not have a legislation that comprehensively addresses data privacy issues, the E-commerce Rules significantly address consumer protection concerns. The gamut of the consumer protection statute and the related instrument will increase the legal responsibilities and compliances of the companies in this sector. The introduction of the rules is no doubt a welcome move that takes us closer to the goal of establishing an effective redressal mechanism under which users of such interface can assert their rights and claim remedies.