Wednesday, January 19, 2011

Cloud Computing: A New Landmine For Privacy In India

Cloud computing is a cost effective and efficient service provided it is managed as per legal and moral standards. One of the biggest roadblocks for cloud computing is legal and regulatory issues. Cloud computing has been in controversies for violation of legal provisions in general and privacy rights in particular.

In the past telecom companies have been criticised for illegal and unlawful disclosures of private information of their users. For instance, the secret NSA program, working with AT&T and Verizon, recorded over 10 million phone calls between American citizens. This caused a fear among privacy advocates about the extent to which telecommunication companies can monitor their user activity.

Similar fears and contravention applies to cloud computing service providers, especially where there are no privacy laws and data protection laws. Clearly there is no universal or harmonised legal framework regarding cloud computing and telecommunications privacy. It varies from nation to nation and jurisdiction to jurisdiction. India has no dedicated privacy laws, data security laws and data protection laws.

Similarly, cyber security and cloud computing security issues are also by and large unresolved in India. India has no cyber security law in place. Event the sole cyber law of India, i.e. information technology act, 2000 is useless for preventing growing menaced of cyber crimes in India.

With companies like research in motion (RIM) openly declared their intentions to allow cloud computing base data access for blackberry services in India to intelligence agencies and law enforcement agencies, this trust deficit has widened further. Fortunately, Google rightly refused to part with encryption keys regarding its Gmail services. This is a bold step on the part of Google and others must also follow the same path.

There is no reason whatsoever that cloud computing would not violate privacy rights, data protection principles and data security practices in India. In fact, there is a very bright possibility that all these unlawful acts would happen in India without any legislative safeguards and court orders.

If you are privacy conscious do not use cloud computing in India and oppose governmental use of the same for public delivery of its services. The fact is that India is not yet ready for cloud computing.

Indian Cyber Defence Must Be Strengthened

Technology and polices do not go well in India. Policy and legislative issues regarding technology are never considered properly in India. We have a weak and criminals friendly cyber law in India, absence of cyber security to protect our cyberspace, inadequate cyber forensics capabilities, lack of legal enablement of ICT systems in India and so on.

The list is endless and there is no need to further add failures in the fields of e-governance, e-readiness and other ICT projects of India to this list. However, what is worrisome is the fact that Indian computers and cyberspace is highly vulnerable to cyber crimes and cyber attacks.

India has no guidelines and policies regarding crucial issues like critical ICT infrastructure protection, protected systems, cracking of crucial and strategic governmental computers and systems, defence force empowerment for cyber warfare, etc.

Even there is no protection against cyber espionage and cyber terrorism in India. This sad position exists in India because our Parliament did not find important enough to ensure legal enablement of ICT systems in India and to ensure strong and robust laws regarding these crucial issues.

What is more frustrating is that India is wasting crores of public money on illegal and unconstitutional projects that have been rightly rejected by countries like US, UK, etc. However, India found these projects worth trying and is eager to throw away crores of public money rather than utilising it for the real and effective betterment of India.

We do not need Aadhar project, Natgrid, CCTNS, e-surveillance and snooping capabilities, etc. These projects are just cash cows that few IT companies of India and abroad are encashing. We need real and effective cyber security and national interest oriented projects.

India is sleeping over crucial issue and is adopting absurd and unconstitutional projects for the sole benefit of few. Industrial lobbying has really taken its toll on the cyber law, cyber security and cyber forensics front in India. Let us hope India would wake up from its deep sleep before it is too late. Let us also hope that India would develop timely, effective and robust cyber security offensive and defensive capabilities urgently.