The 2019 Act's most consequential modernisation was not written into the statute at all — it lives in the delegated legislation and authority orders that have grown around it. Two subordinate instruments, the Consumer Protection (E-Commerce) Rules, 2020 and the Consumer Protection (Direct Selling) Rules, 2021, together with the Central Consumer Protection Authority's 2023 dark-pattern guidelines and a steady stream of advisories, have rewritten how Amazon, Flipkart, Meesho, Amway and their sellers must behave toward Indian consumers. The animating idea is simple but radical: the platform that profits from a transaction can no longer hide behind the seller. This article maps the framework, its empowering provisions, the unresolved "fall-back liability" debate, and the case law that decides when an online intermediary becomes a respondent.
Why a Separate Regime for E-Commerce and Direct Selling
The Consumer Protection Act, 1986 was drafted for a brick-and-mortar economy. It knew the shopkeeper and the manufacturer; it did not know the marketplace, the aggregator, the influencer-seller or the multi-level distributor. The 2019 Act consciously corrected this. Section 2(16) defines e-commerce as buying or selling of goods or services including digital products over a digital or electronic network, and Section 2(17) defines an electronic service provider. Critically, the definition of "consumer" in Section 2(7) carries an explanation declaring that the expression "buys any goods" and "hires or avails any services" includes offline or online transactions through electronic means or by teleshopping or direct selling or multi-level marketing. With one stroke the legislature placed every online buyer squarely within the Act, regardless of how exotic the sales channel. For the foundational vocabulary, see our note on Definitions.
But definitions alone do not regulate conduct. The Act therefore armed the Central Government and the new Central Consumer Protection Authority (CCPA) with rule-making and class-protection powers, and it is through these that the e-commerce and direct selling regimes were built. The result is a layered architecture — the parent Act, two sets of Rules, and a body of CCPA guidelines and advisories — that a judiciary or CLAT-PG aspirant must read together rather than in isolation.
The E-Commerce Rules, 2020: Empowering Provision and Architecture
The Consumer Protection (E-Commerce) Rules, 2020 were notified by G.S.R. 462(E) dated 23 July 2020 in exercise of the power conferred by sub-clause (zg) of sub-section (1) of Section 101 of the Act. Their reach is deliberately wide: Rule 2 applies them to all goods and services bought or sold over a digital network, all models of e-commerce including marketplace and inventory models, all e-commerce entities offering goods or services to consumers in India, and all forms of unfair trade practice across all e-commerce models — and, crucially, they bind even an entity not established in India but which systematically offers goods or services to Indian consumers.
The definitions in Rule 3 do the structural work. An inventory e-commerce entity (Rule 3(1)(f)) owns the inventory and sells directly to consumers, including single-brand and multi-channel single-brand retailers. A marketplace e-commerce entity (Rule 3(1)(g)) merely provides an information-technology platform on a digital network to facilitate transactions between buyers and sellers. The distinction matters enormously, because the inventory entity is itself the seller and owns full liability, while the marketplace claims to be a neutral facilitator. The Rules refuse to let that claim be a complete shield. Note too that Rule 3(1)(k) borrows the definition of "seller" directly from Section 2(37) of the Act, anchoring the subordinate legislation to the parent statute.
Duties of Every E-Commerce Entity (Rule 4)
Rule 4 imposes baseline obligations on every e-commerce entity, inventory and marketplace alike. The entity must appoint a nodal officer or an alternate senior designated functionary resident in India to ensure compliance with the Act and Rules (Rule 4(1)). It must prominently display its legal name, registered and contact addresses, the name and details of its website, and the contact details of customer-care and grievance officers (Rule 4(2)). It must establish an adequate grievance-redressal mechanism and appoint a grievance officer who acknowledges any consumer complaint within forty-eight hours and ordinarily redresses it within one month (Rule 4(4)–(5)). Where goods are imported, the entity must mention the name of the importer and the country of origin (Rule 4(6)).
Rule 4(11) contains two prohibitions of real bite. No e-commerce entity may manipulate the price of goods or services so as to gain unreasonable profit by imposing an unjustified price having regard to prevailing market conditions, nor may it discriminate between consumers of the same class or make any arbitrary classification affecting their rights. Read alongside the CCPA's later dark-pattern guidelines, Rule 4 is the backbone against drip pricing, surge manipulation and consent-by-default. Rule 4 also requires the entity to effect refunds for accepted requests within a reasonable period as prescribed by the Reserve Bank of India. These platform-level duties complement the consumer's substantive entitlements catalogued in our note on Consumer Rights.
Marketplace Liability and the Section 79 Safe Harbour (Rule 5)
Rule 5 is the provision that ties the marketplace's neutrality claim to the intermediary safe harbour. Rule 5(1) states plainly: a marketplace e-commerce entity that seeks to avail the exemption from liability under sub-section (1) of Section 79 of the Information Technology Act, 2000 shall comply with sub-sections (2) and (3) of that section, including the Information Technology (Intermediary Guidelines) Rules. In other words, safe harbour is conditional, not automatic. The marketplace must (Rule 5(2)) obtain an undertaking from each seller that descriptions, images and content correspond to the actual nature and quality of the goods, and it must (Rule 5(3)) prominently display seller details — business name, geographic address, customer-care number, aggregated ratings — and the seller's grievance-officer particulars, so consumers can make informed pre-purchase decisions. Rule 5(4) requires disclosure of any differentiated treatment between sellers, and Rule 5(5) requires the marketplace to keep records of sellers who have repeatedly offered goods removed under the Copyright Act 1957, the Trade Marks Act 1999 or the IT Act 2000.
The statutory backdrop is Shreya Singhal v. Union of India, (2015) 5 SCC 1, where the Supreme Court read down Section 79(3)(b) and Rule 3(4) of the Intermediary Guidelines to hold that an intermediary's obligation to take down content arises only upon "actual knowledge" through a court order or a government notification, not on a private complainant's say-so. The E-Commerce Rules do not disturb that constitutional reading for content takedown; instead they layer a separate, consumer-protection set of duties on top of the IT-Act safe harbour, so that a marketplace can be both a protected intermediary for third-party content and a regulated entity for consumer-facing disclosures.
When the Platform Loses Its Immunity: Christian Louboutin
The leading authority on when an online platform forfeits intermediary protection is Christian Louboutin Sas v. Nakul Bajaj, 2018 SCC OnLine Del 12215, decided by the Delhi High Court on 2 November 2018. The luxury footwear brand sued the operator of darveys.com for selling counterfeit Louboutin products. The defendant pleaded Section 79 immunity as a mere intermediary. Justice Prathiba M. Singh rejected the blanket defence, holding that the safe harbour under Section 79 is available only to an entity that is genuinely passive. The Court enumerated roughly twenty-six functions — identifying the seller, advertising and promoting products, transporting goods, using the trademark in meta-tags, authenticating products, processing payments — and held that the more of these "active" roles a platform performs, the further it travels from the neutral conduit that Section 79 protects. An e-commerce site that conspires with, abets or actively participates in selling infringing or spurious goods cannot claim the exemption.
Although Louboutin arose in trademark law, its ratio is foundational for consumer protection: it supplies the active-versus-passive test that the E-Commerce Rules later codified through the conditional language of Rule 5(1). For a judiciary aspirant, the lesson is that "I am only a marketplace" is a defence of fact, not of law — its success turns on how much control the platform actually exercises over the listing, the seller and the transaction.
Duties of Sellers on a Marketplace (Rule 6)
Rule 6 disciplines the seller who uses a marketplace platform, closing the gap that a passive platform would otherwise leave. No such seller may adopt any unfair trade practice (Rule 6(1)) or falsely pose as a consumer to post fake reviews (Rule 6(2)) — a direct hit on astroturfing and paid review farms. Rule 6(3) forbids the seller from refusing to take back defective, deficient or spurious goods, or goods not matching the advertised characteristics, or to refund consideration, subject to a force-majeure carve-out for late delivery. The seller must have a prior written contract with the marketplace (Rule 6(4)(a)), appoint a grievance officer who acknowledges complaints within forty-eight hours and resolves them within one month (Rule 6(4)(b)), and provide the platform with its legal name, principal geographic address, website, email, customer-care details and, where applicable, GSTIN and PAN (Rule 6(4)(d)). Rule 6(5) requires the seller to furnish all material particulars — including country of origin — necessary for an informed pre-purchase decision.
The CCPA, exercising its powers and functions, has actively enforced these display duties. Its advisory of 30 September 2021 (File No. J-25/59/2021-CCPA) recorded that several marketplace entities were failing to display seller grievance-officer details as required by Rule 5(3)(e), and directed compliance — a reminder that the Rules are not dormant text but the basis of live regulatory action.
The "Fall-Back Liability" Debate and the 2021 Proposed Amendments
On 21 June 2021 the Department of Consumer Affairs published draft amendments to the E-Commerce Rules and invited stakeholder comments. The most discussed proposal was the introduction of fall-back liability: a marketplace would become liable where a seller registered on its platform fails to deliver goods or services due to negligent conduct, an act or omission, in fulfilling the duties prescribed by the marketplace, thereby causing loss to the consumer. The draft also sought to curb fraudulent flash sales, restrict "related party" sellers, mandate a resident chief compliance officer and grievance officer, and require registration of e-commerce entities.
The proposal generated sharp criticism. Industry and several commentators argued that fall-back liability was vaguely worded, lacked a due-diligence carve-out for platforms that had exercised reasonable care, and might encourage unnecessary litigation when a refund guarantee would have served the consumer better. The flash-sale restriction was attacked as potentially anti-competitive and as undermining consumer choice. As of the present law, these 2021 proposals remain draft amendments that have not been formally notified into the principal Rules; an aspirant should therefore treat fall-back liability as a proposed, not an operative, concept, while recognising that the active-participation case law already achieves much of the same result in practice. The unresolved tension — between treating the platform as a neutral intermediary and as a fall-back guarantor — is among the most examinable policy questions in this area.
Platform Liability Before the Consumer Commissions
Even without notified fall-back liability, the Consumer Disputes Redressal Commissions have repeatedly declined to let online platforms escape on the bare plea of being an intermediary. In Amazon Seller Services Pvt. Ltd. v. Gopal Krishan (First Appeal No. 27 of 2017, decided 17 February 2017), the National Commission considered a Xiaomi Redmi Note 3 purchased through Amazon's portal and found defective. The Commission held that an online facilitator that enables and profits from the sale is duty-bound to ensure that goods sold through it meet quality standards, and cannot wash its hands of a defective product by labelling itself a mere intermediary.
The position is not uniform, however, and outcomes turn on the precise role pleaded and proved. In Paras Jain v. Amazon Seller Services (P) Ltd., 2021 SCC OnLine NCDRC 312, the National Commission (Dr Justice R.K. Agarwal, President, and Dr S.M. Kantikar, Member) declined to award a refund and punitive damages where Amazon had publicised a changed return policy and the consumer retained the remedy of a free replacement for the defective handset; the Commission held that the platform's conduct did not warrant punishment. Read together, these decisions show a fact-sensitive spectrum: a platform that controls the listing and presents itself as the seller's guarantor is treated as a quasi-seller, while a platform that has fairly disclosed its policies and preserved the consumer's remedy may avoid liability.
Product Liability and the Online Seller (Chapter VI)
The 2019 Act's wholly new product-liability regime (Sections 82–87) interlocks with the e-commerce framework. Section 83 permits a product-liability action against a product manufacturer, product service provider or product seller for harm caused by a defective product. Section 85 fixes liability on a product seller who is not the manufacturer where, among other grounds, the seller exercised substantial control over designing, testing, manufacturing, packaging or labelling; altered or modified the product; made an independent express warranty that failed; or where the product was sold by the seller and the manufacturer's identity is unknown or process cannot be served on the manufacturer in India (Section 85(d)).
This last limb is significant for marketplaces. Where the actual seller is an anonymous or untraceable third party — common in cross-border drop-shipping — Section 85(d) can route liability to the entity through which the product reached the consumer. Whether a marketplace falls within "product seller" as defined in Section 2(37) is a contested but live question, and it is the statutory bridge between the consumer-protection display duties of the E-Commerce Rules and full compensatory liability for a defective product. Section 87 preserves the usual defences — misuse, alteration, obvious-danger and so forth. The practical consequence for an aspirant is that the e-commerce display duties and the product-liability chapter must be argued together: the disclosure failures penalised by the Rules are frequently the very facts that establish the seller's substantial control or untraceability under Section 85, converting a procedural breach into a compensatory liability.
The Direct Selling Rules, 2021: Legitimising the Channel
Direct selling — the door-to-door and network-based sale of goods through a chain of independent sellers, exemplified by Amway, Tupperware and Modicare — long occupied a legal grey zone, perilously close to the banned territory of money circulation. The Consumer Protection (Direct Selling) Rules, 2021, notified by G.S.R. 889(E) dated 28 December 2021 under clause (zg) of sub-section (2) of Section 101 read with Section 94 of the Act, finally gave the industry a clear compliance code. Existing entities were given ninety days from publication to comply. Rule 2 makes the Rules applicable to all goods and services sold through direct selling, all models of direct selling, every direct-selling entity offering goods or services to consumers in India, and all forms of unfair trade practice across direct-selling models.
Rule 3 carefully separates the legitimate from the prohibited. A direct selling entity is the principal that sells through a network of sellers but does not include an entity engaged in a pyramid scheme or money circulation scheme. A direct seller is a person authorised by the entity through a legally enforceable written contract to undertake direct selling on a principal-to-principal basis. A pyramid scheme is a multi-layered network of subscribers where members enrol others to receive benefit from the enrolment or performance of successive subscribers, and a money circulation scheme takes its meaning from Section 2(c) of the Prize Chits and Money Circulation Schemes (Banning) Act, 1978.
Obligations of the Direct Selling Entity and Direct Seller (Rules 5–8)
Rule 5 loads the entity with structural and disclosure duties. It must be incorporated under the Companies Act 2013 (or registered as a partnership or LLP), and — a key anti-fly-by-night safeguard — must have a minimum of one physical location as its registered office within India. It must make a self-declaration that it is not involved in any pyramid or money circulation scheme, maintain an updated website disclosing its nodal officer, grievance officer, management, products, prices and redressal mechanism, and store sensitive personal data within India. The entity must appoint a grievance-redressal officer who acknowledges complaints within forty-eight working hours and ordinarily redresses them within one month (Rule 5(7)), and a separate nodal officer for compliance (Rule 5(8)). It must become a partner in the convergence process of the National Consumer Helpline (Rule 5(17)).
Two obligations deserve emphasis for exam purposes. Rule 5(14) provides that a direct selling entity which explicitly or implicitly vouches for the authenticity of goods or services, or guarantees them as authentic, shall bear the liability in any action relating to that authenticity. Rule 5(13) bars the entity from falsely representing itself as a consumer to post reviews — the direct-selling counterpart of the marketplace astroturfing ban. Rule 6 then imposes parallel duties on the individual direct seller: a prior written contract, truthful identification of the entity and the nature of the goods, a detailed order form stating the country of origin, refund and return rights, and GST/PAN registration. The entity remains accountable for grievances arising from sales by its sellers, dissolving the old excuse that distributors were independent contractors beyond the principal's reach.
Pyramid Prohibition and the E-Commerce Overlap
Rule 10 of the Direct Selling Rules is the heart of the consumer-protection bargain. No direct-selling entity or direct seller may promote a pyramid scheme, enrol any person into such a scheme, or participate in a money circulation scheme in the garb of doing direct-selling business. This converts what was previously a criminal-law question under the 1978 Banning Act into a consumer-protection compliance duty enforceable through the consumer fora and the CCPA, giving aggrieved participants a civil remedy alongside the criminal sanction.
Rule 9 closes a jurisdictional loophole created by the rise of online network marketing: a direct-selling entity or direct seller that uses an e-commerce platform for sale must additionally comply with the Consumer Protection (E-Commerce) Rules, 2020. A network-marketing seller who lists on a marketplace is therefore bound by both regimes simultaneously — the direct-selling code for the network relationship and the e-commerce code for the platform transaction. This deliberate overlap reflects the Act's general philosophy, traced in our Introduction, of leaving no sales channel unregulated. It also has a practical enforcement payoff: a consumer cheated by an online network-marketing scheme can invoke whichever regime offers the cleaner remedy, and the CCPA can proceed against the entity for unfair trade practice under either framework without first resolving which label — direct seller or e-commerce seller — most accurately describes the impugned conduct.
Dark Patterns Guidelines, 2023 and the 2025 Self-Audit Advisory
The newest layer is the CCPA's Guidelines for Prevention and Regulation of Dark Patterns, 2023, notified on 30 November 2023 in exercise of the CCPA's powers under Section 18 of the Act. A "dark pattern" is defined as any practice or deceptive design pattern using user-interface or user-experience interactions designed to mislead or trick a user into doing something they did not intend to do. The Guidelines specify thirteen named dark patterns: false urgency, basket sneaking, confirm shaming, forced action, subscription trap, interface interference, bait and switch, drip pricing, disguised advertisement, nagging, trick question, SaaS billing and rogue malware. The list is expressly non-exhaustive, and the CCPA retains discretion to add to it.
The Guidelines apply to all platforms systematically offering goods or services in India, sellers and advertisers. Their legal character is debated — they read partly as binding norms and partly as soft-law clarification of what already constitutes an unfair trade practice under Section 2(47) of the Act. The CCPA reinforced them with an advisory dated 5 June 2025 directing all e-commerce platforms to conduct a self-audit within three months to detect and eliminate dark patterns, expressly invoking Rule 4 of the E-Commerce Rules and its requirement of explicit, affirmative consumer consent (no pre-ticked boxes). For students, the takeaway is that the regulatory frontier has moved from what is sold online to how the interface nudges the consumer into the purchase. The hub note at Consumer Protection Act notes situates these developments within the wider scheme of the Act.
Synthesis for the Exam Hall
For a judiciary or CLAT-PG answer, organise the material around three propositions. First, the 2019 Act brought online and direct-selling transactions squarely within consumer law through the Explanation to Section 2(7) and the definitions in Sections 2(16)–(17), then delegated the detail to Rules under Section 101. Second, marketplace neutrality is conditional, not absolute: the Section 79 safe harbour survives only for genuinely passive platforms, as Christian Louboutin v. Nakul Bajaj held and Rule 5(1) codified, while active participation, control over listings and authenticity guarantees pull the platform toward seller-like liability, reinforced by Section 85(d) product-liability and decisions such as Amazon Seller Services v. Gopal Krishan. Third, the regulatory frontier is now design and disclosure — country-of-origin, fake-review and dark-pattern controls — enforced increasingly by CCPA advisories rather than litigation.
Be precise about what is operative law and what is proposal: the E-Commerce Rules 2020, the Direct Selling Rules 2021 and the Dark Patterns Guidelines 2023 are notified and in force; the fall-back-liability and flash-sale provisions floated in June 2021 remain draft amendments. A candidate who can distinguish the two, name the empowering provisions, and deploy Louboutin and Shreya Singhal on the safe-harbour question will write a markedly stronger answer than one who recites the Rules in the abstract.
Frequently asked questions
Are online marketplaces such as Amazon and Flipkart liable for defective products sold by third-party sellers?
Not automatically, but the immunity is conditional. Under Rule 5(1) of the Consumer Protection (E-Commerce) Rules, 2020 a marketplace may avail the Section 79 IT Act safe harbour only if it stays a passive facilitator and complies with the prescribed disclosure duties. Christian Louboutin Sas v. Nakul Bajaj, 2018 SCC OnLine Del 12215, held that a platform performing active roles loses the exemption, and in Amazon Seller Services Pvt. Ltd. v. Gopal Krishan the National Commission held that a facilitator profiting from a sale is duty-bound to ensure quality. Outcomes are fact-sensitive, as Paras Jain v. Amazon Seller Services (P) Ltd., 2021 SCC OnLine NCDRC 312, shows.
What is 'fall-back liability' and is it currently the law in India?
Fall-back liability is a proposed rule that would make a marketplace liable where a registered seller fails to deliver goods or services due to its negligence, act or omission, causing loss to the consumer. It appeared in the draft amendments to the E-Commerce Rules published on 21 June 2021, alongside flash-sale curbs. These proposals were criticised as vague and were not notified into the principal Rules, so fall-back liability is a draft concept, not operative law — though active-participation case law achieves much of the same effect.
How do the Direct Selling Rules, 2021 distinguish legitimate direct selling from a banned pyramid scheme?
A legitimate direct-selling entity sells goods through a written principal-to-principal contract with sellers and derives revenue from actual sales of goods or services. A pyramid scheme (Rule 3) is a multi-layered network where members earn from enrolling further subscribers rather than from genuine sales. Rule 10 prohibits any direct-selling entity or seller from promoting a pyramid scheme or participating in a money circulation scheme — the latter defined by reference to Section 2(c) of the Prize Chits and Money Circulation Schemes (Banning) Act, 1978 — in the garb of direct selling.
What are 'dark patterns' and what is their legal status under the Consumer Protection Act?
Dark patterns are deceptive user-interface designs that trick consumers into unintended actions. The CCPA's Guidelines for Prevention and Regulation of Dark Patterns, 2023, notified on 30 November 2023 under Section 18 of the Act, list thirteen — including false urgency, basket sneaking, confirm shaming, drip pricing and subscription traps. They operate as a clarification of what amounts to an unfair trade practice under Section 2(47), and the CCPA's advisory of 5 June 2025 directed e-commerce platforms to self-audit within three months to eliminate them.
Which statutory provisions empower the E-Commerce and Direct Selling Rules?
The Consumer Protection (E-Commerce) Rules, 2020 (G.S.R. 462(E), 23 July 2020) were made under sub-clause (zg) of sub-section (1) of Section 101 of the Act. The Consumer Protection (Direct Selling) Rules, 2021 (G.S.R. 889(E), 28 December 2021) were made under clause (zg) of sub-section (2) of Section 101 read with Section 94. The Dark Patterns Guidelines, 2023 rest on the CCPA's powers under Section 18. All are subordinate to the parent definitions of e-commerce and direct selling in the Explanation to Section 2(7) and Sections 2(16)–(17).
Does a seller doing network marketing on an online platform have to follow both sets of Rules?
Yes. Rule 9 of the Direct Selling Rules, 2021 expressly provides that a direct-selling entity or direct seller using an e-commerce platform for sale must also comply with the Consumer Protection (E-Commerce) Rules, 2020. Such a seller is therefore bound simultaneously by the direct-selling code governing the network relationship and the e-commerce code governing the platform transaction — a deliberate overlap that leaves no online sales channel unregulated.