Saturday, September 26, 2009

Indian Information Technology Amendment Act 2009 In Pipeline

Cyber Law of India is in real bad shape and it requires immediate attention and amendments. The Law Ministry of India has finally shown some interest in this regard by accepting the suggestions of experts like Praveen Dalal.

The Information Technology Amendment Act, 2008 (IT Act 2008) has been passed on 23rd December 2008 and received the assent of President of India on 5th February, 2009. However, it has not been “notified” yet (till 24th September 2009) and if we are honest it is not difficult to realise that it would never be notified despite ignorant contrary claims. This uncertainty has even resulted in wrong prosecutions that are not justified by any law or practice. The fact is that no rights and liabilities can be claimed under the Act 2008 till it is notified by the Central Government U/S 1(2) of the Act 2008.

Although some misinformed and ignorant cyber law observers believe that the IT Act 2008 is a good piece of law yet the Law Ministry of India must remain unaffected and unguided by their claims. The Law Ministry must avoid falling into the traps of the self claimed cyber law experts who are neither lawyers nor have knowledge of cyber law. Further, the Ministry must also not pay much attention to the “bureaucratic alliances and favours” to the industry players who are lobbying real hard to make the Information Technology Act, 2000 (IT Act, 2000) a weak piece of legislation.

It would be good idea to consult real and knowledgeable techno-legal experts this time by the Law Ministry. Praveen Dalal, the leading Techno-Legal Expert of India and Managing Partner of Perry4Law opined that the Law Ministry of India would commit a big mistake by approving the present IT Act, 2008. On the contrary he suggested that the Law Ministry must “reformulate” the amendments and should come up with the Information Technology Amendment Act, 2009 (IT Act 2009).

The Law Ministry of India has accepted the suggestions of Praveen Dalal regarding introducing IT Act, 2009, strengthening Extradition Law of India to effectively challenge the cyber crimes, including effective provisions regarding cyber war and cyber terrorism in India, International harmonisation of cyber law, providing sound cyber law and cyber security regime in India to encourage foreign direct investment and outsourcing to India, etc.

The IT Act 2009 is expected to be introduced within the next two months during the winter session of the Parliament. Let us hope that we can expect some sensible and effective legislation this time from the Law Ministry and Ministry/Department of Information Technology (DIT) that is neither based upon industry lobbying nor upon the naïve suggestions of the self claimed cyber law experts and corrupt and ignorant bureaucrats.



Monday, September 21, 2009

Techno-Legal Expert Doubts Effectiveness Of Criminal Tracking Network and Systems Of India

Besides having a bad cyber law India also has pathetic cyber security and inadequate cyber forensics capabilities. In the absence of requisite legal framework and expertise, is the government of India justified in spending thousands of crores of hard earned public money on projects that are going to fail? Techno-Legal experts like Praveen Dalal have been reiterating this fact time and again. Will the government of India listen or keep on wasting millions of money upon hit and trial projects?

The Central Government is working upon a Rs 2,000-crore ambitious project titled Crime and Criminal Tracking Network and Systems (CCTNS). Its purpose is to bring all 16,000 police stations in the country under a single network. The same is designed to counter terror challenges and will become operational by 2011-12. The Home Ministry is working on the CCTNS infrastructure. This linking of all police stations with a centralised system would help in easy and effective information sharing and action taking.

However, the real question is will India be in a position to firstly establish and then actually implement this ambitious project? There is no doubt that India does not have experts to establish and manage this highly technical system. Further, even if we train enough people to man this system, it may fail to produce results.

Praveen Dalal, the leading Techno-Legal Expert of India and Managing Partner of Perry4Law is of the opinion that India should first arrange for good techno-legal experts before jumping upon the technical terrains of CCTNS. He further informs that a similar initiative undertaken by the US Government to modernise the FBI’s crime tracking system known as the Virtual Case File failed miserably due to lack of planning and effective strategies.

The good thing about the proposed CCTNS project is that the government has time to put it in place till 2012. However, keeping in mind the past experience as well as the governmental capabilities this seems to be dream beyond accomplishment. Till the governmental will is there to achieve the results, these highly glamorous projects are at best a bad policy decision to waste hard earned public money.



Saturday, September 19, 2009

DoT Compromised National Security By Succumbing To Global Carriers' Remote Access Demand

The demand for allowing Remote Access (RA) by global carriers in India has got a nod from the Department of Telecom. RA is a provision that will enable them to monitor the services they provide to corporate clients in India from locations abroad.

THE DEPARTMENT of Telecom (DoT) has given nod to the demand by foreign carriers in India- AT&T, British Telecom, France Telecom, Verizon & Cable & Wireless- that their Indian operations be allowed Remote Access (RA), a provision that will enable them to monitor the services they provide to their corporate clients in India from locations abroad.

These global carriers will also be allowed to transfer user information of their clients to locations outside India.

Surprisingly, the intelligence agencies did not raise the national security concerns regarding this crucial decision of the DoT. When the otherwise useful VOIP services have been recommended to be banned by the intelligence bureau (IB) there is no reason why remote access should be allowed.

Is it the double standards adopted by the IB and DoT or are they serving the commercial interests of the big telecom service providers? It is high time that the Central government must step in and take some concrete steps to avoid immature decisions of these natures.Constituting a core group or task force in this regard may be helpful especially for a department like DoT that has been continuously providing absurd policy decisions from time to time.



Friday, September 18, 2009

Is The Unique Identification Authority of India (UIDAI) Legally Constituted?

India seems to be following the hit and trial method for some of the most crucial projects in India. The end result is obvious, i.e. wastage of crores of public money and violation of civil liberties of the Indian citizens. In this “guest column”, Mr. Praveen Dalal , Managing Partner of Perry4Law has shared his valuable insights in this regard.

India is notoriously infamous for creating authorities and agencies without any legal sanction and framework. Surprisingly, a majority of them pertains to law enforcement and intelligence agencies like CBI, IB, RAW, etc. What India is actually doing is using administrative circulars and executive orders to give legitimacy to these institutions. Why these circulars and orders have still not been declared “unconstitutional” by Indian judiciary is still a bigger mystery?

The latest in the league is the Unique Identification Authority of India (UIAI) managing the proposed Unique Identification Cards for Indian citizens. Where is that authority, what are its rules and regulations, what legal framework is supporting it, what are the legal and technical safeguards available for the possible misuse of the same, etc are some of the questions that would always vex the Indians.

It seems India has developed a habit of constituting “multiple agencies” without and legal framework and sanctions. This would result in more troubles than solutions. None can dispute that the unique identification number's database is too precious to be handled so casually.

On the front of security and safety of unique identification number's database, even Nandan Nilekani has accepted these concerns to be “legitimate one”. For instance, it would be a big task to secure such database from possible hacking and free from any misuse.

Invasion of Privacy of Indian citizens by Indian Government and its Agencies is certainly going to be there in future. This is more so when the Indian Government has openly declared its Policy to adopt endemic surveillance and e-surveillance over Indian citizens. The Indian Government would spend 800 Crores hard earned public money for tapping all phones in real time. Ironically, Indian citizens’ money would be used against Indian only and that also in an illegal and unconstitutional manner.

With the “Judicial Silence Strategy” adopted by the Delhi High Court and Supreme Court of India, the fate of the already scarce Privacy and Data Protection Rights in India is going to face extermination. It would be a good idea to call for explanation form Indian Government and stressing upon establishment of proper safeguards before departing with any sensitive information to the Unique Identification Authority of India (UIAI).

Mr. Praveen Dalal, Managing Partner of Perry4Law, is the Leading Techno-Legal Specialist of India and is an Internationally renowned Expert in the fields of Cyber Forensics, Cyber Security, Cyber Law, etc. These are his personal views and opinion.



Monday, September 14, 2009

Police Reforms And Empowerment In India In Pipeline

Pointing out that the 26/11 Mumbai terror strike was the tipping point for revamping the country’s security, Home Minister P. Chidambaram Monday said security and police agencies have to depend increasingly on technology and innovation to combat new-age terror.“This conference must mark the beginning of a process of reinventing the security system in the country. We must learn from our past mistakes. We must also learn from the experience of other countries,” said Chidambaram while addressing a three-day conference of police chiefs at Vigyan Bhavan here.

“It is the neglect of tried and tested methods that has led us to a situation where we seemed unequal to the challenges that face the internal security of the country,” Chidambaram said. However, it is not enough to walk with firm steps on the path that is known. We must also lay out a path forward that will draw heavily upon technology and innovation.”

In this context, Chidambaram pointed to the Crime and Criminal Tracking Network & Systems (CCTNS) and the National Grid (NATGRID). The two ambitious projects, when fully rolled out and implemented would mark a quantum jump in police forces’ ability to counter challenges, the home minister said.

The CCTNS with an outlay of Rs.20 billion aims at creating a comprehensive and integrated system for enhancing the efficiency and effectiveness of policing at the police station level through adoption of principles of e-governance. It also provides for the creation of a nationwide networked infrastructure for evolution of IT-enabled state-of-the-art tracking system around investigation of crime and detection of criminals in real time.

The home minister, who was impressed with New York’s National Counter Terrorism Center (NATC) during his US visit last week, said he wanted to replicate the same in India as well as enlarge the scope of the Mutli-Agency Centre that analyses intelligence inputs. “There is the need to enact a model police Act. Mega-city policing is a new requirement, and there is much to learn from the experiences of other mega-cities. I wish to sharply upgrade our Forensic Science Laboratories and make them among the best in the world.” “Prison reform is also on my agenda,” he said.

The home minister exhorted police chiefs to throw up more ideas and suggestions that would, when implemented, give people a security system they deserve and that will render India a country that is safe for all its people and for all those who visit it.


Thursday, September 10, 2009

Legal Framework For Law Enforcement And Intelligence Agencies Is Urgently Required In India Says Expert

Mr. B.S.Dalal is the Senior Partner at Perry4Law. He is a qualified Lawyer and Consultant and has vast Techno-Legal experience and expertise. In this precise and apt piece of work he has correctly and wisely put forward the legal dilemma through which the Indian law enforcement and intelligence agencies are undergoing. There is an emergent need on the part of Indian government to resolve these issues as soon as possible.

Legal framework is the backbone for any crucial function of the government. This is more so where the law enforcement and intelligence activities of the State are involved. Law enforcement and intelligence activities and functions touch the most basic aspects of a person’s life. That is why we have strong human rights and constitutional protections that safeguard the life and liberties of such persons.

It would be both ironical as well as violation of basic human rights and fundamental rights if the law enforcement and intelligence activities are conducted in an illegal, unreasonable and improper manner. The duties, functions, liabilities and rights of these law enforcement and intelligence agencies must be specified in an unambiguous and proper manner. There is no scope for any sort of ambiguity in these functions of the State.

For instance, the British Security Service is one of three intelligence services or “Agencies”. These include the Secret Intelligence Service (SIS), commonly known as MI6, the Governmental Communications Headquarters (GCHQ), and the Security Service (MI-5). While there are significant differences between the British and US legal structures for law enforcement and intelligence services, MI6 is most like the CIA, GCHQ resembles the NSA, and the Security Service most closely resembles the FBI. All of them are constituted under duly enacted legislative frameworks.

Surprisingly, India has taken a very strange approach in this regard. The CBI, IB and RAW in India represent a case in which there is almost no law to look at. Further, there is no legally tenable mechanism that can keep an eye upon these agencies and their functioning. With the enactment of National Investigation Agency Act, 2008 some steps have been taken in this regard. However, the viability and constitutionality of this Act is yet to be checked. When the Center encroaches upon the powers of the States, constitutional crisis and disputes are bound to arise.

The winter session of the Parliament is approaching soon and a holistic and sensible approach in this crucial direction would go a long way in providing a durable law enforcement and intelligence agencies legal framework in India.



Wednesday, September 9, 2009

Judicial Reforms Are Urgently Required In India

India is in emergent need to adopt judicial reform as public trust and confidence in Indian judiciary is at its nadir. E-Courts have the potential to remove the mammoth backlog of cases existing in India but India does not have expert individuals and firms to implement this ambitious project.

Judicial reforms in India have become the pressing need of the hour. This is so because the huge backlog of cases is increasing on the one hand and the efficiency of the courts is decreasing on the other. This is happening because the numbers of judicial officers are much shorter than the required strength. If there is not an urgent, immediate and holistic judicial reforms drive in India, the judicial system of India is going to collapse.

Here lies the importance of information and communication technology (ICT) for rejuvenating the dying judicial system of India. ICT can provide the most viable solution of e-courts in India for reducing the backlog of cases.

E-Courts in India have tremendous potential to reduce the backlog of cases. However, establishment and implementation of e-courts requires techno-legal expertise that is presently missing in India. As a result e-courts projects in India always failed from time to time.

Ironically India has very few e-courts experts who can really give Indian e-courts project a shape. However, till now neither the Indian government nor the Supreme Court e-court committee has seriously though about taking help of the experts in this regard.

Praveen Dalal, Managing Partner of Perry4Law and the Leading Techno-Legal Specialist of India is of the opinion that we nee pro-active role on the part of government as well as e-court project management team to successfully implement the same. He maintains that the backlog of cases would ultimate crush the legal and judicial system of India if a timely action is not taken immediately. Establishment of timely e-courts is a good option in this regard according to him.

Even on the legislative side as well India is lacking far behind. India has the sole cyber law in the form of information technology act, 2000. The same is inadequate on many counts and cannot accommodate the requisites of e-courts in India. Further issues of cyber forensics and cyber security would also impede the e-courts projects in India. The national e-governance plan must also be suitably reformulated in his regard. The government must act immediately to get the desired results.

Finally, judicial reforms are a “collective task” that cannot be achieved by any single player. The government of India must come up with an expert committee or working group in this regard so that the collective expertise of various experts can be taken at the earliest possible occasion. However, the government of India must act fast before it is too late to do anything.



Wednesday, September 2, 2009

The Demise Of IT Act 2008

Governmental dealings are very apparent provided we are willing to understand and accept the same. For instance, the Information Technology Amendment Act, 2008 (IT Act 2008) has been passed on 23rd December 2008 and received the assent of President of India on 5th February, 2009. However, it has not been “notified” yet (till 2nd September 2009) and if we are honest it is not difficult to realise that it would never be notified despite ignorant contrary claims. This uncertainty has even resulted in wrong prosecutions that are not justified by any law or practice.

As per the latest report, the government has claimed that it would finalise in a month the rules of the IT Amendment Act, which deals with issues like cyber crime and data interception. "We have already put up draft rules of the IT (Amendment) Act on the website and have also received comments. We are trying to finalise the rules within a month," Department of Information Technology (DIT) Secretary R Chandrashekhar told reporters on the sidelines of a CII conference in New Delhi on Monday.

It is clear that we need to reformulate the IT Act 2000/2008 in order to make it effective. There is neither a requirement nor a possibility that the IT Act, 2008 would be notified by the government of India even after one month. In all probability a new IT Act 2009 would be formulated in the winter session of the Parliament.

The IT Act 2008 is already dead and we must move forward and enact the IT Act 2009 that must be not only comprehensive but holistic as well. It would be a good idea if experts are consulted this time before enacted the IT Act 2009 otherwise it would also face the same fate as it predecessor did.