Cyberspace, the term first coined by the American-Canadian writer William Gibson in 1984, primarily includes computer systems and related software that ensure connectivity of telecommunication systems and their constituent data. In today’s world of fast-changing technology, individuals are dependent on gadgets, technology and the resultant networks, not only in their personal lives, but also in professional spheres. This creates dangers of intrusion in data systems. Concerns related to privacy are, therefore, not unfounded.
Cybercriminals, whose intention is to make fast money by playing on the fears of individuals and organisations, resort to extortion at times. Their activities can endanger the reputation of people and institutions. The use of sophisticated technologies by terror groups, organised gangs of criminals — many of them involved in violent activities — and other illicit agents is a national security threat. With rapid digitisation, almost all developmental activities of the government face a variety of threats.
While acts of cybercrime are often an end in itself, most such activity — ransomware attacks, cyber extortion, phishing, hacking — is also an attractive financial proposition for organised gangs and terrorists. There have been reports of drug traffickers using the dark net and social media to conduct their activities. The net has also become a place for training in fabricating IEDs and obtaining weapons and explosives and money laundering through the use of cryptocurrency.
Crimes like cyberbullying, cyberstalking and sextortion affect the psyche of young people, especially teenagers who are at a vulnerable age — psychiatrists have reasoned at times. Such activities can result in victims taking an extreme step. Cybercrimes are putting the country’s social fabric under strain. Government organisations and law enforcement agencies do conduct awareness programmes. But the lure of finding out “unknown” and “interesting things” from phishing emails and messages seems to be strong — it traps people while criminals thrive.
The government is aware of the enormity of the problem posed by an ever-expanding cyberspace. It also sensitive to concerns about regulations restricting access to cyberspace. After a lot of deliberations, it has come up with the Digital Personal Data Protection Bill, 2022. The data privacy/protection bill is a landmark piece of legislation that aims to regulate how companies and organisations use the data of individuals inside the country. The bill aims to protect the digital privacy of individuals, especially on matters related to personal data, specify the flow and use of such information and create a relationship of trust between persons and entities that process data. A draft of the Bill categorises data into three categories — critical, sensitive, and general. Sensitive data — financial, health, sexual orientation, biometrics, transgender status, religious and political beliefs and affiliation – can only be stored in India. It can be processed outside the country only with explicit consent. Critical data will be defined by the government from time to time. This too must be stored and processed in India. There will be no restriction on storing and processing general data.
The Ministry of Home Affairs has created a robust useful and effective portal to aid victims of cybercrime and it has been effective in countering this malaise to a great extent.
However, the effective implementation of any law depends on the efficient discharge of duties by, and coordination amongst, all stakeholders including individuals, organisations, network service providers and the government. It is also imperative to strike a balance between confidentiality, integrity and availability of data and information. The Data Protection Bill aims to do that.
The writer is a retired IPS officer
