India Needs A New And Better Cyber Law

Cyber law of India has become a nightmare due to growing interference of industrial lobbying in India. Thanks to the cyber criminal friendly nature of our information technology act, 2000 (IT Act 2000), now any cyber criminals can commit almost any cyber crime and go free.

This is so because the information technology amendment act, 2008 (IT Act 2008) has made almost all cyber crimes bailable i.e. the cyber criminals are entitled to bail as a matter of right.

Experts feel that, India does not have strong and effective cyber laws to deal with crucial issues like critical infrastructure, cyber security, cyber forensics, etc. India is blind towards cyber law, cyber security and cyber forensics requirements. The IT Act, 2000 is a poorly drafted law and badly implemented legislation. It is weak and ineffective in dealing with growing Cyber Crimes in India as it is the most Soft and Cyber Criminal Friendly Legislation of the World, says Praveen Dalal, Managing Partner of Techno Legal ICT Law Firm Perry4Law and Supreme Court Lawyer.

Another aspect that has made the present cyber law of India unconstitutional is absence of privacy laws and data protection laws in India vis-à-vis e-surveillance and Internet censorship powers. In the absence of Privacy and Data Protection Laws and Unaccountable and Unregulated E-Surveillance Provisions under the amended IT Act 2008, the E-Surveillance, Internet Censorship and Website Blocking Powers cannot stand the “Constitutionality Test” of Constitution of India, opines Praveen Dalal.

The fact is that ministry of communication and information technology (MCIT) has not been performing the functions and duties entrusted to it by Indian government. MCIT needs a complete overhaul and scrutiny of prime minister’s office (PMO).

To start with, MCIT must urgently start the initiative of drafting a new and effective cyber law of India. Once that is done, we can get rid of the bane named information technology act, 2000.

Aadhar Project And UIDAI Must Be Scrapped

One of the most controversial projects of India is unique identification project of India (UID project of India) or Aadhar project of India. The Aadhar project is openly and blatantly violating various civil liberties of Indian citizens. Even the unique identification authority of India (UIDAI) is devoid of any constitutional and legal status.

If Aadhar project and UIDAI are clearly unconstitutional project/authority why is Indian government wasting crores of money upon them? This is the most frustrating aspect of Aadhar project and UIDAI.

The only answer seems to be so that the Indian government can enhance its e-surveillance capabilities by clubbing Aadhar project with national population register (NPR) of India, national intelligence grid (Natgrid), crime and criminal tracking network and systems (CCTNS), etc. These are only known projects and there may be many projects that Indian citizens may not be aware of.

According to Praveen Dalal, Supreme Court lawyer and leading techno legal expert of India, there is no second opinion about the fact that Aadhar Project and UIDAI are “Unconstitutional” in the absence of a “Constitutionally Sound Law” in this regard. This is more so when there are no dedicated Privacy Laws in India and Data Protection Laws in India, opines Praveen Dalal.

Surprisingly, the government of India has deliberately abstained from enacting suitable privacy and data protection laws in India. On the contrary, it amended the sole cyber law of India contained in the information technology act 2000 (IT Act 2000) through the information technology amendment act, 2008 (IT Act 2008).

After this amendment, unregulated, unaccountable and unconstitutional powers were obtained by Indian government regarding e-surveillance and electronic eavesdropping in India. This amendment was primarily made to accommodate projects like Natgrid, Aadhar, CCTNS, etc.

Even there is no lawful interception law in India. The present E-Surveillance and Phone Tapping practices adopted by India are “Unconstitutional” in the absence of a Constitutionally Sound Lawful Interception Law, says Praveen Dalal.

If we analyse the entire scenario, there are very strong ground to scrap Aadhar project and UIDAI till proper legal framework is at place. May be our Prime Minister Dr. Manmohan Singh would take initiative in this regard before it is too late.

E-Courts In India: Project Report For December 2010

India has been sleeping over crucial cyber issues like strong cyber law, effective cyber security and adequate cyber forensics capabilities. Further, industrial lobbying has kept the genuine national interests at far distance and introduced elements of commercial interests for the benefits of few.

Naturally, Parliament of India has not acted the way it was supposed to act in these crucial areas. The Parliament of India must scrap the cyber law of India i.e. information technology act, 2000 and enact an apt law that serves national interest rather than commercial interests of few big industrial players of India.

Besides the “inherent cyber criminals friendly weaknesses” of Cyber Law of India, it has also eliminated the chances of having good alternative dispute resolution mechanism through the use of Information and Communication Technology (ICT), says Praveen Dalal, Supreme Court Lawyers and Managing Partner of Perry4Law. Neither E-Courts nor Online Dispute Resolution (ODR) can be established and survive within the present Legal Framework of IT Act, 2000, warns Praveen Dalal.

Besides having virtually no legal framework for establishment of E-Courts in India and use of ODR for Dispute Resolution of Cyber Contraventions under the IT Act, 2000, even the National Litigation Policy of India (NLPI) has failed to consider E-Courts and ODR as effective methods of Speedy Trial and Judicial Reforms, says Praveen Dalal.

No wonder, we are waiting for the establishment of first e-court in India even till December 2010 and there is no use of ODR in India. The tenure of e-court committee of India has already expired and even the empowered committee of department of justice has not been constituted till now.

The worst in this situation that government of India can do is to entrust the responsibility of establishment of e-courts in India to industrial bodies and associations and their partners. Law Minister Veerappa Moily must urgently step in to salvage the situation that has already become very worst.

Will India Wake Up To Cyber Security Realities?

Industrial lobbying is a bane for India as it has been weakening Indian economy and Indian national, internal and external security. Take the issue of cyber law, cyber security and cyber forensics.

India has a pathetic and criminal friendly cyber law known as information technology act, 2000 (IT Act 2000). The same has been amended by the information technology amendment act 2008 (IT Act 2008) for the sole purpose of e-surveillance and Internet censorship activities in India. This present pathetic position of the IT Act 2000 is also due to the industrial lobbying that prevented Parliament of India from enacting a strong, effective and stringent cyber law.

According to Praveen Dalal, Managing Partner of techno legal ICT Law Firm Perry4Law and Supreme Court Lawyer, India is blind towards cyber law, cyber security and cyber forensics requirements. The IT Act 2000 is a poorly drafted law and badly implemented legislation. It is weak and ineffective in dealing with growing Cyber Crimes in India as it is the most “Soft and Cyber Criminal Friendly Legislation” of the World, opines Praveen Dalal. There is an urgent need to “Amend” the present cyber law of India and make it Robust, Effective and Stringent, suggests Praveen Dalal.

An issue related to this lack of cyber capabilities of India pertains to capabilities of law enforcement agencies to deal with cyber law and cyber crimes related cases. Presently, Indian law enforcement agencies have negligible capacity in this regard.

With the suggestion of The Central Bureau of Investigation Act, 2010 (The CBI Act 2010), the responsibilities of CBI would also be increased drastically in this regard, informs Praveen Dalal. However, CBI is not prepared to deal with issues like cyber law, cyber security and cyber forensics. In fact, CBI website has been defaced by alleged Pakistani crackers and is down for the time being.

India needs greater research and training in the fields of cyber war, cyber terrorism, cyber security, cyber forensics, cyber law, etc. India just has a single techno legal cyber security centre that is providing techno legal research, training and education in this regard. CBI and other law enforcement agencies must actively seek support of institutions or centers like the one managed by Perry4Law Techno Legal base (PTLB).

It has been a long time since India is sleeping over these crucial matters. It is high time for India to wake up and do something in this regard.

The Draft Central Bureau Of Investigation Act, 2010

One of the major problems with Indian law enforcement agencies and intelligence agencies is that they are virtually governed by no law. Experts of this field have been asking for the establishment of sufficient laws for law enforcement agencies and intelligence agencies of India for long.

The CBI, IB and RAW in India represent a case in which there is almost no law to look at. Further, there is no legally tenable mechanism that can keep an eye upon these agencies and their functioning. With the enactment of National Investigation Agency Act, 2008 some steps have been taken in this regard.

With the introduction of endemic surveillance and e-surveillance projects like Aadhar, national intelligence grid (Natgrid), crime and criminal tracking network and systems (CCTNS), etc it has become absolutely essential to enact suitable laws in this regard.

According to Praveen Dalal, Supreme Court Lawyers and Managing Partner techno legal firm Perry4Law, there is an urgent need of “Parliamentary Oversight” of Intelligence Agencies and Law Enforcement Agencies in India as presently there is none. Fortunately, The Central Bureau of Investigation Act, 2010 has been drafted by the Indian Government and after proper deliberations and its finally passing by the Parliament of India, it may become an enforceable law very soon, informs Praveen Dalal.

However, is the CBI Bill sufficient to accommodate the growing requirements of civil liberty protections in India? Like all other similar Bill, even the CBI Bill is suffering from various “Shortcomings”, informs Praveen Dalal. The chief among them is absence of “Civil Liberty Safeguards” against possible misuse of projects like Aadhar, NATGRID, CCTNS, etc, opines Praveen Dalal. However, at least a good step in the right direction has been taken by Indian Governments, says Dalal.

Will Supreme Court Of India Protect Privacy Rights In India?

Enactment of suitable Privacy Laws in India is long overdue. However, the Government of India has not considered this issue to be important enough.This is so even if Projects like Aadhar, NATGRID, CCTNS, etc may be declared to be “Unconstitutional” by Constitutional Courts of India. The matter is pending before the Supreme Court and this occasion can be utilised by it for prescribing “Stringent and Suitable” Privacy Rights Guidelines.

In this “Guest Column” Praveen Dalal, Supreme Court Lawyer and Managing Partner of Perry4Law, has analysed the possibility of expansion of right to privacy in India by the Supreme Court of India.

Few things related to 2G Scam have happened in the right perspective so far at the Supreme Court of India. The questioning of Supreme Court regarding inaction on the part of Prime Minister’s Office (PMO) India, giving due credit to the CAG’s Report, accepting Ratan Tata’s Writ Petition regarding Privacy Rights Violation, etc are some of them.

The latest to add to this list is denial of Supreme Court to issue any “Interim Relief” in the Tata’s Writ Petition and issuing of notices to open and outlook magazines which had published contents of the alleged taped conversation.

Tata had sought an interim relief for restraining the respondents from further publication of recorded conversations between him and Radia. He also sought an Injunction that would prevent the publishing and circulation of the contents of these conversations in “Any Form”. However, is it possible and does it make any difference at this stage?

The answer seems to be in Negative although Tata may not like the same. This is because contents of conversations are already out in “Public Domain” and on multiple traditional and electronic mediums and platforms. It is not possible for the Supreme Court of India or even for the Government of India to do much at this stage and in this regard.

However, one aspect has skipped the attention of all parties to the Writ Petition and even of the Supreme Court. The sole purpose of Ratan Tata seems to be to protect “His Privacy Rights” by preventing the “Disclosure and Circulation” of conversation or communication recorded through “Surveillance Methods” of State machinery. At this stage this concern and demand seems to be “Infructuous” and “Academic Purpose” only. This is because even if Supreme Court of India provides the “Relief” that Tata is claiming “In Toto”, the “Contents” of the conversation would remain on Internet and this is next to impossible to remove.

There is a blessing in disguise in Tata’s Petition. This is a golden chance for the Supreme Court of India to analyse the “Implementation” of its decision in the PUCL case (Phone Tapping Case). The Supreme Court must “Widen” the scope of Privacy Rights in India not only in the context of Phone Tapping but in an “Overall Manner”. The Supreme Court must formulate and lay down the widest possible “Guidelines” regarding Privacy Protection in India as it has done in the Vishaka’s Case (Guidelines against Sexual Harassment).

I hope this Writ Petition by Tata would come as a rescue of Fundamental Rights in general and Right to Privacy of Indians in particular. The only question that remains to be seen is will the Supreme Court of India protect Privacy Rights of Indians at large? I am optimistic and would be glad to see this outcome.

Legal Framework For Mandatory Electronic Delivery of Services In India

Electronic governance (e-governance) is the best form of good governance. E-governance brings transparency, accountability and fairness in the governmental dealings with the citizens. Since e-governance is an administrative aspect, which may or may not be used by government and its officers, a legal framework is usually established so that electronic delivery of services can ensured.

E-governance in India has failed miserably barring very few and exceptional cases. This is because e-governance in India is ailing from various vices and shortcomings. To be successful, e-governance in India needs accountability and department of information technology (DIT) India must be answerable to the prime minister’s office (PMO), India.

National e-governance plan (NEGP) of India has already failed to a greater extent. Even ICT Trends in India 2009 by Perry4Law Techno Legal Base (PTLB) have marked the year 2009 “Blunder ICT Year” of India. The year 2009 saw some major information and communication technology (ICT) pitfalls and bad decisions were made by the Indian government. The year 2010 has been even worst where 2G scam and other administrative and legal lapses have been committed by DIT, India. It would not be wrong to conclude that India has become technologically bankrupt.

Many problems of NEGP and e-governance projects of India can be solved by enacting effective privacy and data protection laws in India. In the absence of privacy and data protection laws, projects like Aadhar, national intelligence grid (Natgrid), crime and criminal tracking network and systems (CCTNS), etc can never be legitimate, legal and constitutional. Similarly, authorities like unique identification authority of India (UIDAI) are also illegal and unconstitutional in the absence of such laws.

However, the real problem with Indian e-governance initiative is that legal framework for mandatory electronic delivery of services in India is missing, says Praveen Dalal, Supreme Court lawyers and Managing Partner of India’s exclusive techno legal law firm Perry4Law. There is no effective legal enablement of ICT systems in India and even the Information Technology Act, 2000 is non-mandatory in nature in this regard, informs Praveen Dalal.

Naturally, e-delivery framework in India is in doldrums despite the contrary claims of Indian government. Further, e-infrastructure system of India is in big mess. Although, Right to Information Act, 2005 mandates that all public authorities must maintain their records in electronic form, yet this mandate has by and large been neglected by all public authorities of India, informs Praveen Dalal.

Perhaps, too much autonomy and powers have been given to the DIT, India by PMO. It is high time for the Prime Minister of India Dr, Manmohan Singh to ask time bound and actual results from DIT, India so that e-delivery of services in India can become a reality and not just paper achievement.

Where Are Privacy Rights In India?

Privacy rights in India have always been neglected. Indian government has obvious interests in not enacting a well define privacy that that can curb the excessive surveillance and endemic e-surveillance activities of sate and its instrumentalities. Even the civil society kept a mum up to a stage when e-surveillance and phone tapping has become epidemic. Now all of a sudden privacy issues has become a nightmare for Indian government.

To start with, data and privacy laws are missing in India. Even there is no sign that such crucial laws would be enacted for another five years or more. All past assurances of Indian government in this regard are just façade to keep civil liberties activists silent.

Further, there is no lawful interception law in India. Of course, we have a colonial law named Indian telegraph act that is not at all meeting the requirements of present time. Instead of enacting a suitable law that meets the requirements of Indian constitution, the Indian government is keeping the dead law alive for the sole purpose that its activities can remain free from judicial scrutiny and without legal obstacles. This law is also primarily used to engage in legal as well as illegal phone tappings in India.

On top of it are illegal and unconstitutional projects like Aadhar, national intelligence grid (Natgrid), CCTNS, etc and unaccountable authorities like UIDAI that are having an absolute free hand regarding funds, lack of accountability and absence of transparency.

UIDAI is one of the worst e-surveillance instrumentalities of India and prime minister’s office of India (PMO India) must take active steps to scrap Aadhar project and UIDAI till proper legal framework and adequate safeguards are at place.

Similarly, it seems that the Natgrid project would be imposed upon us by the cabinet committee on security (CCS). Although, Natgrid project has not yet been approved by CCS yet the way Home Ministry of India is lobbying there seems to be little hope that CCS would not be forced to grant its approval even after its own objections in this regard.

Similarly, there is little planning and coordination regarding CCTNS in India. In fact, CCTNS may not be accepted by various states of India in the absence of proper planning, guidelines and legal framework.

In all this drama, there is still little hope from the Supreme Court of India (SCI). The decision of SCI on the writ petition of Ratan Tata must also include the constitutionality of Aadhar project/UIDAI, Natgrid, CCTNS, etc. The SCI would be deciding about the conflicting interests of public interest and privacy rights but no such question arises when there is no public interest involved at all.

Indian government is violating privacy rights of Indians without just causes and in the absence of any legal framework. Let us hope the SCI would do justice to this situation and reformulate privacy norms for India as soon as possible and without delaying the matter too much. I hope the entire exercise of SCI is not limited to mere prohibition of release of phone tapping tapes.

Cyber Warfare Capabilities Must Be Developed In India

Cyber warfare is not a new term anymore. Although, its exact definition and scope is not clear yet none can deny the role of information warfare in the near future. Even India has also appreciated its importance. The best part is that this appreciation is coming from none other that the Prime Minister of India Dr. Manmohan Singh.

Dr. Manmohan Singh has issued clear directions to National Security Council (NSC) of India to work in the direction of establishment of cyber command authority (CCA) for India. Dr. Singh has also asked for putting in place an action plan before such an authority is set up. Dr. Singh has also rightly deferred the plan to set up CCA till a thorough review of the cyber threat is done.

However, India lacks proper expertise and training to undertake such an ambitious project and establish such an authority. We have a single techno legal cyber security research, training and education centre in India (CSRTCI). Further, we also have a single techno legal cyber security training and educational centre in India managed by Perry4Law Techno Legal Base (PTLB).

According to Praveen Dalal, CEO of CSRTCI and Leading Techno Legal Expert of India, Cyber Warfare Capabilities have assumed tremendous importance these days. The future Cyber Warfare would be even more mysterious, anonymous and dangerous. Further, the Indian Government even need not to spend crores of cash for this purpose if it opts for “Open Source” Software, suggests Praveen Dalal.

So the matter boils down to appropriate cyber security policy and adequate techno legal training. Dr. Manmohan Singh must include as many institutions and individuals as possible so that cyber security of India may become robust and effective.

Critical Infrastructure Protection In India Is Required

Critical infrastructure protection (CIP) in India (CIP in India) is an essential part of homeland security of India. Homeland security is assuming importance these days in India. However, homeland security of India needs urgent rejuvenation as the same is not up to the mark. As the concept is new, it would be fair if India take two or more years to streamline its homeland security.

Further, cyber security issues are also closely related to homeland security of India. On the front of cyber security as well India has to cover a long distance. India must develop cyber security capabilities as soon as possible.

Cyber Security and Homeland Security are in infancy stage in India, says Praveen Dalal, Managing Partner of Perry4Law and leading techno legal expert of India. Both of them are very important to preserve India’s Critical ICT Infrastructure Protection. Further, India also needs a separate Framework for Cyber Security, CIP and Homeland Security issues, suggest Praveen Dalal.

With the growing cyber threats against India like cyber terrorism, cyber warfare, cyber espionage, etc, it is very much required to have good cyber security strategy in India. India also needs to formulate suitable ICT policy covering all these crucial issues.

However, of all the requirements the most important one pertains to techno legal skill development in India. Indian government or its agencies do not have sufficient numbers of skill workforce to deal with issues like cyber law, cyber security, cyber forensics, cyber warfare, cyber terrorism, cyber espionage, etc.

We have just a single techno legal cyber security research, training and education centre (CSRTCI) in India. The CSRTCI is managed by Perry4Law Techno Legal Base (PTLB), one of the techno legal segments of Perry4Law and spearheaded by Praveen Dalal himself.

Finally, India has also not shown much interest in formulation of techno-legal crisis management plan (CMP). Although many talks in this regard have been undertaken, a concrete action in this regard is still awaiting.

Home Minister P Chidambaram must take initiative regarding cyber security, cyber forensics, cyber warfare, etc. Home Ministry is currently undertaking projects like Natgrid, CCTNS, etc and it would be a good idea to cover areas like CIP, homeland security, and CMP as well.

E-Surveillance Is Not A Substitute For Cyber Skills

I personally believe that our Home Minister Mr. P Chidambaram is a learned and honest person. However, he is also gullible. Whether it is multinational companies, foreign governments, law enforcement agencies, etc all of them are selling their “stale and failed ideas” to Mr. Chidambaram and he is willingly accepting the same with a generous heart.

It seems many people and companies have realised that India is a very good market when it comes to security and cyber security related products and services. However, what would Indian government do with cyber security products if it cannot use the same?

If the Home Ministry or Indian government is even little bit aware how concepts like cyber security and cyber forensics work, it must be aware of free and open source software (FOSS) and open source hardware.

The cost is just one of the factors. The real issue is to manage the affairs of Home Ministry in a constitutionally sound manner. Home Ministry has been mandating various acts or omissions that openly go against the spirit of Indian Constitution.

For instance, India has no constitutionally valid phone tapping law and phones are tapped in India on the basis of unconstitutional colonial laws.

Similarly, privacy laws and data protection laws have been deliberately kept out of the loop of legislative business of parliament of India to accommodate illegal phone tappings and e-surveillance. Even projects like Aadhar and authorities like UIDAI are working on this principle.

Encryption standards that are essential for strong cyber security and risk free e-commerce have been deliberately constrained to ridiculous levels. Companies like Blackberry, Skype, Google, etc have been asked for to surrender encryption keys so that law enforcement and intelligence agencies may snoop at will.

I think the real problem is that neither our executive/parliament/judiciary nor our law enforcement and intelligence agencies are aware of technical issues like cyber law, cyber security and cyber forensics. As an escape route they have decided to use e-surveillance as a substitute to cyber capabilities.

Mr. Chidambaram, e-surveillance is not the substitute for cyber security and cyber forensics capabilities. You must give suitable and practical training to your law enforcement and intelligence agencies in cyber law, cyber security and cyber forensics so that they can solve cases and save millions of precious lives in real time.

National security, and above that every single life, is very important but there must be checks and balances while exercising it. National security should not be used as a façade to violate civil liberties in India, which unfortunately is presently happening in India.

Lawful Interception Law Missing In India Says Praveen Dalal

In this “Guest Column”, Praveen Dalal Supreme Court Lawyer and CEO of Exclusive Human Rights Protection Centre in Cyberspace (HRPIC) of India, has shared his views regarding phone tapping and e-surveillance laws of India. The views and opinions are solely of Mr. Praveen Dalal and we do not endorse or substantiate his viewpoints.

It is both ironic and sad that laws used by British Government against Indians are used by our own Indian Government against its own Citizens. There are many “Draconian Colonial Laws” that were kept intact by Indian Government even if they go against the very Philosophy and Spirit of Indian Constitution. This is because these Outdated and Unconstitutional Laws are well serving the “Purposes” of Indian Government.

One of such laws that require an immediate repeal is the Indian Telegraph Act, 1885. It is the most abused law of India when it comes to Phone Tapping and Illegal Surveillance. The fact and truth is that India does not have a Legal and Constitutionally Sound Phone Tapping and E-Surveillance Law.

Even after the Supreme Court of India declared Right to Privacy a part of Article 21 of Indian Constitution, Indian Government kept at bay the requirement to protect Privacy Rights of its Citizens. Instead, it preferred to impose Projects and Authorities without any Legal Framework. This is nothing but a “Complete Failure” of “Parliamentary Democracy” in India. I wonder whether India has Separation of Powers anymore.

So much so that even after the Supreme Court’s Judgment in PUCL case prescribed minimum “Safeguards” against Illegal Phone Tapping, nothing has changed. The “Safeguards” provided by Supreme Court were “Sub Minimum” and even those Safeguards are not followed in India.

Naturally, even Private Individuals also jumped upon Illegal Phone Tapping and E-Surveillance business and they are openly operating in India. This is bound to happen because when even the Government is not “Fair”, it cannot expect its Citizens to be honest and upright.

Till now it is clear that India would not provide any sort of Privacy Rights to its Citizens and would not protect their crucial Data through a dedicated and strong Data Protection Law in India. The only safeguard that is available against Indian Government and Private Individuals from violating our Privacy Rights is to use “Self Defence Measures”.

This is the reason why I believe that Google, Skype, Blackberry, etc must not succumb to the pressures of Indian Government. They must strongly refuse to share any information regarding its users unless and until there is a “Court Order” in this regard.

Time has come for the Supreme Court of India to stop Indian Executive from Hijacking the Constitution of India, by bypassing both Parliament of India and Indian Judiciary. Since the matter is pending before Supreme Court, it can lay down “Stringent Requirements” before Phone Tapping and E-Surveillance can be conducted in India.

Computer Forensics Research And Development Needed In India

Cyber forensics or computer forensics in India is at the infancy stage. Cyber forensics is very important field that is required for many purposes. It is required for civil and criminal proceedings and it makes the criminal justice delivery system more effective and scientific.

However, despite the great demand for cyber forensics in India there is acute shortage of good cyber forensics experts in India. This is primarily due to lack of proper training and skill development institutions in India.

For instance, there is just a single techno legal cyber forensics training centre in India managed by Perry4Law Techno Legal Base (PTLB). We need more such training centers so that cyber forensics experts can be produced as per the contemporary requirements.

Once again we have a single techno legal cyber forensics research and development centre in India (CFRDCI) managed by PTLB and exclusive techno legal firm of India Perry4Law. The centre is not only doing research in the field of cyber forensics but also in allied fields like cyber security (CSRTCI), cyber warfare, cyber espionage, cyber terrorism, human rights protection in cyberspace, etc.

The centre is providing best practices for cyber forensics in India and is the exclusive repository for cyber forensics software in India. The best part of the centre is that it is managing the techno legal aspects of cyber forensics. Being techno legal it manages both legal and technical aspects of law and technology.

With the growing demands of cyber forensics in India, pressure upon the governmental laboratories and institutions is tremendous. Obviously, they cannot match the demand for growing cyber forensics requirements in the courts cases.

The government of India in general and Home Ministry in particular must actively look forward towards cyber forensics as an essential requirement for India. This is more so when projects like national intelligence grid (Natgrid), crime and criminal tracking network and systems (CCTNS), etc would be launched very soon. Let us hope for the best in this regard.

Central Monitoring System Of India In Pipeline

The proposed central monitoring system (CMS) by department of telecommunication (DoT) is a good step in the right direction. However, the chances of its failure and misuse are much greater than unconstitutional projects like Aadhar, National intelligence grid (Natgrid), etc. The only thing that goes in favour of the proposed CMS is that Mr. Kapil Sibal is the present Minister for the Ministry that is entrusted to implement the project.

Mr. Kapil Sibal being a learned person and a man of integrity, CMS may also have “procedural safeguards” that is rarely considered and provided by Indian government. The decision to frame appropriate rules under the sole cyber law of India, i.e. information technology act, 2000, shows his intention to respect and protect privacy rights and data protection within the limited sphere of cyber law of India.

However, this does not mean that India should not formulate appropriate privacy laws and data protection laws. Absence of privacy laws and data protection laws in India has already made some of the most important projects and authorities of India illegal and unconstitutional.

For instance, Indian law enforcement and intelligence agencies are operating almost without any law. Similarly, Aadhar project and unique identification authority of India (UIDAI) are operating without any law. Phone tapping and e-surveillance in India is done without a constitutionally sound law and so on.

Let us hope that Mr. Kapil Sibal would realise that CMS means putting all telecom communication within the hands of selective people. These selective people must be transparent and accountable through proper safeguards otherwise the whole purpose of CMS would be to further strengthen phone tapping and e-surveillance powers of Indian government and its agencies. Needless to mentions, that would be illegal and unconstitutional like the previous initiatives of Indian government.

Legal Framework For Information Society In India

One of the most challenging tasks for India is to provide legal framework for information society. It is also known as legal enablement of ICT systems in India. The main component of this process is that legal and judicial systems are customised in line with information and communication technology (ICT).

The examples of such process include electronic courts (E-courts), online dispute resolution (ODR) mechanism, enacting good cyber law, enacting good laws regarding cyber forensics, etc.

In the Indian context, a significant growth has already been achieved regarding computerisation of traditional courts and their procedures. Many crucial aspects regarding Indian litigation like case list, case status, certified copies, etc are available online. This has also considerable reduced the backlog of cases in India.

However, despite this growth India has failed on almost all other fronts. For instance, till January 2011 we are still waiting for the establishment of first e-court in India. We do not have any ODR mechanism in India, we have an outdated and criminal friendly cyber law in the form of information technology act, 2000 that requires urgent amendments, we have no laws regarding cyber forensics in India, etc. In short, legal enablement of ICT systems in India has failed so far.

A recent development regarding legal and judicial reforms pertains to national litigation policy of India (NLPI). Law Minister Veerappa Moily has launched this policy and very soon the same may be finalised. However, NLPI also failed to consider legal enablement of ICT systems in India properly. It failed to address the requirements of e-courts and ODR mechanisms.

We at Perry4Law and Perry4Law Techno Legal Base (PTLB) have publically provided our suggestions in this regard especially regarding e-courts and ODR. Hopefully, these suggestions would be incorporated in the final NLPI. After all legal enablement of ICT systems is an essential part of legal and judicial reforms of India and it cannot be ignored for long.

IT Act 2000 Rules In Pipeline

Shri Kapil Sibal, the Union Minister of Ministry of Information and Communication Technology has recently announced action plan for his Ministry for the next 100 days. This was a much needed reform for the otherwise plagued Ministry that has been in controversies in the past.

Some of the initiatives proposed by Mr. Kapil Sibal have far reaching reformative implications. For instance, Department of Telecommunications (DoT) would hold consultations for a transparent regime of licensing, spectrum allocation etc. Similarly, legal framework for mandatory electronic delivery of services in India would also be considered.

However, the most important initiative that is in pipeline is the proposal to frame and notify the rules in respect of key sections viz. 43A (Data Protection), 70A (Protection of Critical Information Infrastructure), 70B (Agency to handle Cyber Security), 79 (Liabilities of Service Providers) relating to Cyber Security in the Information Technology Act.

Till now it is not clear what the hurry was that forced the government of India to bring half backed and knee jerk based amendments in the cyber law of India. The information technology amendment act 2008 made cyber law of India weak and criminal friendly. Naturally, cyber crimes increased drastically in India. The proposed amendments brought more harm than benefits.

To make the matter worst, important provisions like data protection, critical infrastructure, encryption standards, etc have not yet been enacted sufficiently. Even the rules pertaining to these crucial provisions have not been formulated.

At last, Mr. Kapil Sibal took charge of the department of technology (DIT) that would bring some accountability in the department. Further, his intentions to formulate proper rules for various crucial fields are also praiseworthy. Let us hope for the best but nothing short of suitable amendments in the cyber law of India can make it effective.

Telecom Disputes In India And Consumer Protection In India

Consumer protection in India got a boost with the enactment of Consumer Protection Act, 1986. It provided a power in the hands of Indian consumers to get appropriate, timely and effective grievances redressal against companies and individuals who had provided defective good or deficient services.

All was going well till Supreme Court of India passed an order regarding telecom disputes. The order, in short, mandates that in case of telecom disputes, consumer forums/courts do not have jurisdiction as appropriate remedy is by way of arbitration.

While the ambit, scope and merit of the order is debatable and controversial, yet it would be a good idea if the Consumer Protection Act (CPA) is properly amended to neutralise this decision, opines Praveen Dalal, a Supreme Court Lawyer and Leading Techno Legal Expert of India.

According to Dalal, the CPA was enacted long time back and contemporary Information and Communication Technology (ICT) related disputes and dispute resolution mechanisms were well beyond Parliament’s contemplation at that time. However, it is high time for the Department of Consumer Affairs in general and Parliament of India in particular to bring suitable amendments in the CPA to make it more effective and responsive, suggests Dalal.

With the growing grievance of consumers in the telecom sector, it would be a bad idea if these grievances and disputes are left out of the purview of CPA. The Department of Consumer Affairs must start the ball rolling and make a suitable amendment draft of CPA as soon as possible.

Consumer Complaint Filed Against Vodafone India

A consumer complaint has been filed against Vodafone India for deficiency in service and mental harassment at the Core Centre, supported by Ministry of Consumer Affairs. This is in continuance of the previous legal notices sent to Vodafone India in this regard.

Noted lawyer Praveen Dalal had previously issued a legal cum demand notice claiming compensation for Rs. 15 Lakhs in this regard.

Telecom companies are arbitrarily disconnecting the connections of its users by citing reverification requirements. However, none is questioning the dubious manner in which Telecom companies are collecting and then disposing the documents submitted by users at the time of getting connection.

Fortunately, department of telecommunication (DoT) is presently managed by Mr. Kapil Sibal who is reforming the entire telecom sector. When a complaint was filed to DoT in this regard, the same was transferred to Vodafone India for proper action.

However, there is an urgent need to overhaul the telecom policy of India by making it more transparent and accountable. Presently, common man finds it very difficult to deal with big telecom companies like Vodafone India.

There is also an urgent need to get timely and regular updates from telecom companies on the complaints and grievances of telecom consumers.

Investigation Agencies Of India Need Techno Legal Trainings

In this article my friend V.K.Singh has analysed the requirements of effective techno legal trainings of law enforcement agencies, CBI and intelligences agencies so that they can perform their duties more efficiently. These agencies also need good techno legal skills so that instead of demanding for weak encryption standards in India they may be able to deal with them in all situations.

Central bureau of investigation (CBI), India has learnt the cyber security lessons the hard way. It website has been claimed to be defaced by Pakistani crackers. It has been more than 20 days since the website of CBI was defaced. However, the initial defacement has raised a more serious issue.

The issue pertains to lack of cyber security capabilities of India in general and CBI in particular. India has been negligent in developing cyber security capabilities. Even if Indian ministers and bureaucrats talk about cyber security, it primarily pertains to website defacement.

Cyber security is a very wider and holistic concept. It has little to do with website defacement but primarily addresses the security of the entire cyberspace architecture. Surprisingly, CBI website is still offline and is down. Even the heavyweight departments like department of information and communication technology (DIT), India, national informatics centre (NIC), India, Indian computer emergency response team (CERT India), etc failed to do anything in this regard.

This has come as a severe blow to the cyber capabilities of CBI. A black spot on the otherwise good performance of CBI is lack of knowledge about techno legal issues like cyber law, cyber security, cyber forensics, etc. CBI must urgently develop cyber security and techno legal expertise.

For the time being there is no escape from the conclusion that law enforcement agencies and investigation agencies of India lack techno legal expertise in the fields like cyber law, cyber security and cyber forensics. This has drastically reduced their capabilities to solve cyber crimes through latest investigative technologies. They need good and effective training in this regard.

However, what is more worrying is the fact that even DIT, NIC and Cert India are no better situated. The website of CBI is a classic example of the same where India is hiding its lack of cyber capabilities behind the façade of security audit. After all security audit does not take months or years to finish if proper expertise is there.

This situation has created a serious threat to critical ICT infrastructure protection of India. With the present speed and efforts, Indian cyberspace is really vulnerable to all sorts of cyber attacks. India must immediately formulate an effective cyber security policy and follow the same in letter and spirit.

Telecom Policy Of India Is Anti Common Man

Department of telecommunications (DoT) India has been in controversies these days. These controversies were bound to arise due to defective, arbitrary and user unfriendly policies and strategies of DoT.

The telecom policy and respective notifications under the same, as issued by DoT from time to time, are seldom in public interest and are never for the benefit of telecom consumers. These policies are primarily drafted for the benefit of big telecom companies and self serving interests of DoT India.

Take few examples in this regard. Telemarketing nuisance is a well known fact in India. Neither DoT India nor telecom regulatory authority of India (TRAI) has done anything in this regard. Telemarketing woes and harassment would continue in India for at least five more years.

Similarly, the reverification requirements of DoT are arbitrary and anti consumer. Even if a person has deposited all her documents at the time of getting a connection, service providers like Vodafone India are harassing its users by passing the buck to DoT. If DoT does not take any action against companies like Vodafone, naturally DoT is the main culprit for harassing mobile users in India.

Another example is the number portability in India. DoT is extending the deadline for number portability in India from time to time. This gives mobiles users of India limited choice and force them to stick to their present service providers.

It seems the telecom policy of India is not at all meant for the common man. On the contrary it is harassing and troubling the common man.

Vodafone India Is Loosing Its Customers Over Reverification Issue

Vodafone India’s services are not upto the mark and its customer care services is even worst. The latest to add to the woes of Vodafone’s users is the reverification drive that has harassed many Vodafone customers. Surprisingly, even after submission of proper and complete documents, Vodafone customers are again asked to resubmit the same.

This has also damaged the reputation and trust of Vodafone and after the number portability comes into force, a dominant segment of Vodafone customers may switch to other mobile service providers.

Noted lawyer Praveen Dalal has even sent a legal notice to Vodafone India regarding its reverification process. After the legal notice, Vodafone India tried to pass the buck to department of telecommunication (DoT) India.

It seems Vodafone India has been negligent in handling the sensitive document of its users and thereby makes these users vulnerable to frauds and identity thefts.

Companies like Vodafone India are misusing the concepts of national security and public interest by citing DoT regulations. DoT has nowhere mentioned that Vodafone must dump the document submitted along with the connection and ask for them again and again.

By disconnecting user’s connections, Vodafone India is also violating the consumer laws of India and is engaging in unfair trade practices.

DoT, India must initiate an inquiry in this regard especially where the original documents submitted with Vodafone India have gone? In fact, these lost documents may pose many security related problems as well.

The matter has been brought to the knowledge of DoT Minister Mr. Kapil Sibal by Praveen Dalal and let us hope Mr. Sibal would bring some order in the otherwise unregulated world of Indian telecom sector in general and Vodafone India in particular.

Vodafone India Playing Security And National Interest Card

In this “Guest Column”, Praveen Dalal, Managing Partner of Perry4Law, shares some insights regarding the reverification drive of DoT India and service providers like Vodafone.

At last I got some insight about the “Reverification Drive” of Department of Telecommunication (DOT) India and mobile service providers like Vodafone. A person named Rahul Sindwani of Customer Care, Vodafone, finally contacted me to explain the rationale for unilateral disconnection exercise of mobile services of Vodafone India in the name of “Reverification”.

He informed that as per DOT guidelines they have instructions to disconnect all cellular connections, whose documentation is found non-complaint by the “authorities”. Now this is interesting on at least two counts. First, Vodafone has passed the buck upon DOT India for this whole mess. Secondly, who are these “Authorities” that see whether the documents in question are complaint or non complaint? Is it DOT, India or the Security and Intelligence Agencies?

It also raise an important question that if complete and proper documents in question have already been submitted at the time of getting connection, why Vodafone/DOT are again asking for the same? Without knowing who checked our documents and what deficiencies, if any, have been found by them, it is very difficult to believe the argument of DOT/Vodafone regarding lack of proper documentation. Perhaps, it is high time for a Right to Information Application (RTI Application) against DOT/Vodafone.

Vodafone also played the classic card of “Security” and “Public Interest” for this whole mess. Where is “Public Interest” in harassing law abiding and honest citizens and what “Security” purposes it is going to serve?

Meanwhile, I have once again communicated with Vodafone and asked for further details like the rationale for resubmission of documents, by whom my documents have been analysed, who are the authorities that analyses the documents, how would Vodafone indemnify the users whose documents have been misused and why should not a Consumer Case and Civil Proceeding be started against Vodafone.

I hope I would get some good, concrete and logical answers this time and not another eye wash response by Vodafone. Of course, the option of filing an RTI Application to elicit truth is always available to me.

Vodafone India Served Legal Notice For Reverification

In what seems to be a much required development, Praveen Dalal, a Supreme Court Lawyer, sent a show cause cum legal notice to Vodafone, Delhi regarding illegal and unreasonable demand for deposit of documents for reverification that have already been submitted by millions of Indians, including him.

It is also learnt that e-mail has also been sent to Minister Kapil Sibal in this regard bringing to his notice the arbitrary manner in which the entire reverification exercise is conducted by Vodafone, Delhi.

Mobile service provider like Vodafone have been using unreasonable and arm twisting techniques of disconnecting the connections of law abiding and honest users who have already submitted all the required documents at the time of getting connection.

Further, there is no assistance of any sort from Vodafone customer care that never replies back to the grievances of its users. This is definitely against the license terms and conditions that asks service providers like Vodafone to provide qualitative services to its users and resolves all their grievances and disputes.

In the past the department of telecommunications (DoT) has been too friendly with telecom companies and this is the reason why controversial issues like 2G scam took place.

DoT India must establish a procedure where the illegal and unreasonable practices adopted by telecom service providers can be analysed and curbed. Presently, the service providers have a free hand and this is a nightmare for the end users.

With Kapil Sibal as the new Minister, we can expect efficiency, transparency and accountability of telecom dealings. Although he has much more important tasks at hand, it would be a good idea if he analyses the reverification menace created by service providers like Vodafone as well.

Complaint Against Indian Department Of Telecommunications Filed At DARPG

Department of telecommunication (DoT) India has issued instructions to mobile service providers to “reverify” it pre paid connection subscribers. Even if a consumer had duly submitted relevant and complete documents at the time of pre paid connections, she is again asked to resubmit the same.

This is against the principles of good governance and is a bad policy decision as it is harassing law abiding and honest people. So far millions of connections have been disconnected due to this paranoid drive of DoT, India.

In a welcome step, Praveen Dalal, Supreme Court Lawyer, filed a complaint at DARPG against DoT/Vodafone. He has also sent a show cause cum legal notice to Vodafone.

He has maintained that this process of reverification is violating the consumer law and other laws of India. He has also raised issue of “indemnification’ in case either the previously submitted documents or newly asked documents are misused by any person.

In case of misuse, both mobile service providers like Vodafone and DoT India must be held responsible for the loss arising out of misuse of such documents.

If this drive of reverification continues, consumer cases and civil proceeding may be filed by thousands of people and this situation must be avoided by government of India. When the national litigation policy of India (NLPI) is looking forward for fewer litigation matters, bad policy decisions by DoT India may frustrate the whole purpose.

Critical ICT Infrastructure Protection In India

Critical infrastructure protection (CIP) in India (CIP in India) is an essential part of homeland security of India. Homeland security is assuming importance these days in India. However, homeland security of India needs urgent rejuvenation as the same is not up to the mark. As the concept is new, it would be fair if India take two or more years to streamline its homeland security.

Further, cyber security issues are also closely related to homeland security of India. On the front of cyber security as well India has to cover a long distance. India must develop cyber security capabilities as soon as possible.

Cyber Security and Homeland Security are in infancy stage in India, says Praveen Dalal, Managing Partner of Perry4Law and leading techno legal expert of India. Both of them are very important to preserve India’s Critical ICT Infrastructure Protection. Further, India also needs a separate Framework for Cyber Security, CIP and Homeland Security issues, suggest Praveen Dalal.

With the growing cyber threats against India like cyber terrorism, cyber warfare, cyber espionage, etc, it is very much required to have good cyber security strategy in India. India also needs to formulate suitable ICT policy covering all these crucial issues.

However, of all the requirements the most important one pertains to techno legal skill development in India. Indian government or its agencies do not have sufficient numbers of skill workforce to deal with issues like cyber law, cyber security, cyber forensics, cyber warfare, cyber terrorism, cyber espionage, etc.

We have just a single techno legal cyber security research, training and education centre (CSRTCI) in India. The CSRTCI is managed by Perry4Law Techno Legal Base (PTLB), one of the techno legal segments of Perry4Law and spearheaded by Praveen Dalal himself.

Finally, India has also not shown much interest in formulation of techno-legal crisis management plan (CMP). Although many talks in this regard have been undertaken, a concrete action in this regard is still awaiting.

Home Minister P Chidambaram must take initiative regarding cyber security, cyber forensics, cyber warfare, etc. Home Ministry is currently undertaking projects like Natgrid, CCTNS, etc and it would be a good idea to cover areas like CIP, homeland security, and CMP as well.