Cloud Kitchen, Robo Kitchens And Cyber Law

While Cloud Kitchens are increasingly emerging on the landscape during this pandemic period. Given the present scenario, cloud kitchens are resorting to be the cogent and holistic approach which seem to be flooding the Indian market. These Cloud Kitchens as the name suggests make use of cloud technology as also make use of online food ordering mechanism. Cloud Kitchens can be considered as the digital kitchens offering no dine-in options, cost efficiency, reducing the high rentals.

The Cloud Kitchens are popular by various names including virtual kitchens, dark kitchens, satellite kitchens. Further, the Cloud Kitchens have evolved into various forms and manner by way of multi-brand cloud kitchen, co-working cloud kitchen, single brand cloud kitchen, hub & spoke cloud kitchen, pod cloud kitchen, aggregator cloud kitchen, outsourced cloud kitchen etc.


While at this time where Cloud Kitchens are the season of the times, a plausible proposition of Cyber Law emerged as a new focal area. Cloud Kitchens cannot consider Cyber Law as everybody else’s baby since computers, computer systems, computer resources, computer networks, communication devices, data or information in electronic format are used left, right, centre for their operations and running. The Indian Cyber Law is one of the significant legislations passed by India post independence since it deals with anything and everything that is digital. The Cloud Kitchens can also be bought under the Indian cyber law umbrella. The Indian Cyber Law primarily comprises of the Information Technology Act, rules, regulations made thereunder.


The Cloud Kitchens will have to have heightened focus on privacy since the privacy is now the fundamental right of all citizens given the latest judgement of Hon’ble Supreme Court. The Cloud Kitchens operate on the modus operandi of getting orders through web, mobile apps of various online food aggregators and preparing the said orders. However, the privacy of the users or customers will have to be the protected at all times during the preparation and working of Cloud Kitchens. The Cloud Kitchens will have to ensure that all its staff, employees working or associated with its operations are aware of the privacy protection.

In this scenario, Indian Cyber Law becomes the silver lining as its deals with privacy breaches under Sec 66, 72, 72A of the Information Technology Act read along with the rules, regulations


The Cloud Kitchens reap their operations by making use of the data being made available to them through the various online food aggregators with whom they are associated. These Cloud Kitchens tailor their menu and craft the same subject to such data specific to the user preferences, their eating habits and the like. The Cloud Kitchens will have to have reasonable security practices under the Information Technology Act read along with the Information Technology Rules, regulations.

Cloud Kitchen will also be handling with Personal Information of its customers for processing their orders placed through the online food aggregators. Further, the term “Personal Information” shall mean any information through which a natural person shall be identified.

Further, in the context of personal information, Cloud Kitchens will have access to the unique order id of the customer along with their orders, food preferences for preparing and processing such orders. However, such unique order id can also be considered as Personal Information since the user can be identified using the same.


The Information Technology Amended Act 2008 read along with IT Rules have brought in a golden standard by way of an intermediary under Section 2(w) which includes any entity collecting electronic records and providing services with respect to such electronic records.

The Cloud Kitchens can be considered as Intermediaries given that they operate through the online food aggregators for orders, preparation and processing of such orders. Therefore, the Cloud Kitchens make use of data, information in electronic format which can be interpreted as e-records under the IT Act.

Further, the Cloud Kitchens also provide their services with respect to such e-records, thereby populating themselves as Intermediaries under the Information Technology Act, rules, regulations


The Cloud Kitchens will have to observe Cyber Due Diligence under the Information Technology Act, rules, regulations given the fact that they are intermediaries. In a nutshell, they will be required to have specific legal policies as laid down under the Information Technology Act, rules, regulations including Privacy Policy, Grievance Mechanism, User Agreements, Terms and Conditions.

The Cloud Kitchens will also be required to ensure that they choose the online food aggregator observing cyber due diligence while partnering with them. In the absence of the above, the Cloud Kitchens may be exposed to civil and criminal liabilities.


The Cloud Kitchens will have to comply with the specific norms of Due Diligence laid down by the Information Technology Act, rules, regulations. Any non-observance of the same, shall expose the Cloud Kitchen to damages by way of compensation up to INR 5 crores per contravention. Further, as per the New IT Rules 2021, in case of any non-observance of rules, will make the statutory exemption under Section 79 of the Information Technology inapplicable


The Cloud Kitchens will also be liable for criminal liability by way of fines ranging from INR 1 Lakh to INR 10 Lakhs, in addition to the imprisonment ranging from 3 yrs – Life Imprisonment. Further, if the Cloud Kitchen is negligent in observing cyber due diligence, cyber law compliance while discharging its obligations under the law, then under Section 85 of the Information Technology Act, the top management as also middle management, each and every individual responsible will be cast with liability


Robo Kitchens are now a ground reality in India, wherein robots are playing the role of waiters, waitress while serving the food to the customers. The Robots make an entry to showcase the table for you to sit as also stand near such tables. The orders are usually placed through the tablets placed on each table. Once an order is placed, the same is delivered by the Robo from the kitchen and you may be needed to do a self service thereof at your table and you may be required to tap the exit option made available thereof. Further, all payments can be made through the tablet in digital formats.

While you may be thinking this is a Sci-fi movie, however, in cities like Hyderabad, Chennai, Bangalore, these are a reality. Further, robotic kitchen equipment are also a reality in the recent times, where in such equipment makes use of AI, IoT (Internet of Things), Robotics for preparation of food. All the required proportions and ingredients, instructions are pre-loaded by AI algorithms ensuring uniform taste while such food preparation.


While one may be thinking of the relationship between Robo Kitchen and Cyber Law. The answer is very obvious and simple, such Robo Kitchens make use of computers, computer systems, computer networks, computers resources, communication devices, data or information in electronic format, making them amenable under Cyber Law.


These Robo Kitchens add key colours to the Cyber Legal Landscape. The primary factum of discussion is the legal status of such robots. However, in broadest interpretation of the existing Indian Cyber Law, these robots can be considered as Computers under the Information Technology Act and any information generated out of these robots can also be considered as Electronic Records under the Information Technology Act.

The interesting question that crops up here is what is the legal status of such Robo Kitchens. Further, can such Robo Kitchens be considered as Intermediaries under the IT Act. How will the Cyber Due Diligence observed in this context. How is the free and informed consent applicable in this context? In case of any civil contraventions, how will the same be adjudicated. How can liability be subscribed in case of non-compliance, cyber security breaches, privacy breaches.

Can these Robo Kitchens have the capacity to enter into legal contract with customers for providing services? In the event of any issue, can these Robo Kitchens have the capacity to sue or the capacity to be sued? How will the Cyber Crimes arising out of such Robo Kitchens be handled?

While Cloud Kitchens, Robo Kitchens are spinning new colours to the wheel of Cyber Legal Jurisprudence, it will be very interesting to see how these will be driving the economies of these transient times. I believe that getting inside and shutting outside kind of approach cannot be the way of operating, running a Cloud Kitchen, Robo Kitchen. Cyber Law is going to be key aspect one has to consider with each passing day, month, year in the context of Cloud Kitchens, Robo Kitchen. I am of the opinion that Cyber & Data insurance will also emerge as evolving discipline with respect to Cloud & Robo Kitchens.

Latest news

Related news