Cyber security is no more a science fiction but has become a much
needed reality. World over regulatory and technical issues have vexed
the legislators as cyber security is a techno legal issue. In order
to effectively deal with cyber security, the legislators need to
adopt a techno
legal approach. Cyber security community and stakeholders
are unanimous on the opinion that the international
legal issues of cyber security must be resolved. Indian
response vis-a-vis cyber attacks is also clear and India
endorses international cooperation regarding cyber security.
Perry4Law
Organisation (P4LO)
has been managing a dedicated blog on international
legal issues of cyber attacks and cyber security.
It is the exclusive techno legal blog on the topic not only in India
but in entire world. The blog has covered many techno legal aspects
like use of cyber
espionage malwares,
need for the national
security policy
of India, legal
immunity
against cyber deterrent acts in India, open
source intelligence
through social media websites, protection
of Indian cyberspace,
national
counter terrorism centre (NCTC)
of India, cyber
security challenges
of India, cyber
preparedness
of India, the Wassenaar
Arrangement and cyber security issues, intelligence
agencies reforms in India, banking cyber security, techno
legal analysis of Gameover
Zeus, cyber
crimes insurance in India, smart
cities cyber security in India, etc.
The problem with cyber
law and cyber security issues is that they not only involve multiple
jurisdictions but they are also governed by different set of laws. A
single act of cyber crime may have legal ramifications in more than
one jurisdictions. It is also possible that an act or omission may
be cyber crime in one jurisdiction whereas it may be allowed in
another. In short, conflict
of laws in cyberspace are very difficult to manage in the
absence of a true global cyber
law and cyber
security treaty (PDF).
As
far as India's readiness regarding cyber security capabilities are
concerned, India is still concered a sitting
duck in the cyberspace
and civil liberties fields. We at Centre of Excellence for Cyber
Security Research and Development in India (CECSRDI)
believe that Modi government must take cyber security very seriously.
The cyber
security challenges in
India would increase further and India must be cyber prepared to
protect its cyberspace. CECSRDI believes that the starting point is
to draft the cyber
security policy of India 2015
as the 2013
policy is highly
defective and of little significance.
We
also believe that a dedicated cyber
security law of India is
need of the hour. The same must be a techno legal framework keeping
in mind contemporary cyber security threats. Further cyber
security disclosure norms in India
must be formulated by Modi government. The cyber security awareness
in India must be further improved with a special emphasis upon
clearly specifying the cyber
security obligations of directors of Indian companies.
As
on date Indian laws, policies and efforts are not sufficient enough
to curb the menace of cyber crimes. Cyber attacks, etc happening at
the global level. In the absence of global harmonisation of laws in
the fields like cyber law and cyber security, India has no other
option but to strengthen its own cyber law and cyber security
capabilities.
A
particular cause of concern is that many developed countries have
been engaging in illegal and unconstitutional e-surveillance not only
on their own citizens but upon Indian citizens as well. They would
not be interested in a harmonised global legal framework for cyber
law and cyber security. Unfortunately, India has also adopted the
e-surveillance methods and have launched many illegal and
unaccountable e-surveillance projects like Aadhaar,
Natgrid,
Central
Monitoring System (CMS),
etc. The worst has come in the form of unaccountable and unregulated
Digital
India project of Modi
government that has become the digital
panopticon of India.
Instead of concentrating upon information security and data
protection, Indian government is actively working against civil
liberties protection in India. Till now there is no encryption
policy of India (PDF)
that can ensure information and data security.
In
these circumstances it is really difficult for Indian government to
effectively mange the international legal issues of cyber attacks.
Nevertheless, a start must be made by Indian government as soon as
possible. We hope Indian government would realise the importance of
cyber security very soon.