January 26, 2009 3:18:06 am
In this globalised world,national borders still exist and nations take whatever steps are necessary to protect them.
Unlike the physical world,cyberspace is borderless. And its size is increasing since more and more activities are carried through it buying of goods or services,online transfer of funds through banks,emailing,interfacing with people through social networking sites,and exchanging pictures,videos or music. Cyberspace and the physical world thus seamlessly overlap. And this overlap extends to crimes it is also used as a medium to exchange information for carrying out very real terrorist activities and financial fraud.
Beefing up the mechanisms that prevent such crime is essential for internal security. It is in this context that the passing of the Information Technology (Amendment) Bill has to be viewed: to inspire trust in e-commerce and e-governance,we need appropriate law. Most countries have created separate laws to deal with computer misuse; India chose to have an omnibus law when it legislated the IT Act,2000,that included not only provisions for electronic records,digital signatures and certifying authorities but also those that deal with unauthorised access to computer systems and some forms of cyber crime.
Cyberspace has seen a significant increase in crimes worldwide. Unsurprisingly,given that India is home to the fourth highest number of Internet users in the world,cyber crimes recorded a 50 per cent jump in 2007 over the previous year. Not many of the cyber criminals could be brought to justice for want of adequate enabling provisions and other techno-legal requirements for collection of cyber forensic evidence and its acceptance in courts of law. Besides a host of crimes that were not covered in the Act,there were problems due to the non-availability of data logs in ISP servers,at cyber cafes and so on.
Amendments to the IT Act address cyberspace security for data protection. These are based on consultations with industry experts,and deliberations of a parliamentary select committee. It was not passed hurriedly; nor were the clauses a result of recent happenings; rather,data protection issues for the continued growth of outsourcing was the major driver.
The section defining cyber security defines it as protecting information,equipment,devices,computer,computer resource,communication devices and information stored therein from unauthorised access,use,disclosure,disruption,modification or destruction.
Cyber terrorism too has received similar attention,having been defined carefully and it includes Attacks on critical infrastructure with intent to disrupt economy,governance,financial sector,public safety,energy,and health. These are provisions India needs. We cannot assume that terrorists are slow to adapt.
Mumbai is witness to their ability to update their technology. The terrorists used an array of technologies from GPS navigators,satellite phones,BlackBerries,cellphones with switchable SIM cards that were difficult to track,to remailers to send anonymous emails. Arming law-enforcement agencies with appropriate legal provisions and with stringent punishment options is thus essential.
Sections 69 and 69A of the amended Act empower the state to issue directions for interception,monitoring,decryption and blocking of traffic in the interest of national security or of friendly relations with foreign states. These actually serve to increase transparency,not intrusiveness,since the procedures and safeguards subject to which the state will carry these out will have to be prescribed. Similarly,Section 69B deals with monitoring and data collection,and procedures and safeguards will have to be prescribed. Yes,it is easy to use words like snooping; but actually it is no different from how powers already with the state under the Indian Telegraph Act,1885 (upheld by the Supreme Court) to intercept calls have been interpreted.
The amended IT Act is a step in the right direction. It strengthens the data protection regime,and makes cyberspace more trustworthy since cyber criminals,whether engaging in data and identity theft,financial frauds or posing threat to national security through acts of cyber terrorism,will be brought to justice.
The writer is CEO of NASSCOMs Data Security Council
📣 The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines
- The Indian Express website has been rated GREEN for its credibility and trustworthiness by Newsguard, a global service that rates news sources for their journalistic standards.