India
has been working in the direction of strengthening its Cyber Security
Capabilities. As India is a late entrant in this field, Cyber
Security in India is still not upto the mark. The Cyber
Security Trends and Developments in India 2013 (PDF) provided by
Perry4Law’s Techno
Legal Base (PTLB) have proved that India is weak in the field of
Cyber Security. The Offensive
and Defensive Cyber Security Capabilities of India are yet to be
achieved.
We have no dedicated Cyber
Security Laws in India as on date. The Information Technology
Act, 2000 (IT Act 2000) is the sole Cyber Law of India that also
indirectly talks about Cyber Security. The IT Act 2000 is
silent on the issue of conferring legal immunity to hackers and other
Law Enforcement Agencies while countering cyber attacks and this is a
cause of concern for the Intelligence Agencies of India. It is also
true that the Intelligence Agencies of India are also not subject to
Parliamentary
Oversight that is need
of the hour.
International
Legal Issues of Cyber Attacks are a cause
of concern for India and India need to upgrade her Cyber Security
Capabilities. Intelligence Agencies of India are planning to acquire
such capabilities with “No Legal Obligation Attached Whatsoever”.
This is a draconian power that cannot be conferred to them as that
would violate the Civil
Liberties Protection in Cyberspace of Indian Citizens. To make
the matter worst, we have no dedicated Privacy
Laws in India and Data
Protection Laws in India (PDF). Even the Right to Information
Act, 2005 is not applicable to Intelligence Agencies and many Law
Enforcement Agencies of India. India “Must
Reconcile” the Civil Liberties and National Security
Requirements that is presently not happening.
It has been reported
that following security agencies’ demand for legal immunity in
cyber deterrence cases, the Deputy National Security Adviser is
working on setting up An Inter-Ministerial Group to look into the
issue. The Intelligence Bureau has said legal authority for cyber
deterrence is very important for agencies in dealing with matters
like terrorism. Citing the example of some countries, which have
oversight mechanism, agencies have demanded legal immunity.
For example, the United States has a mechanism in
place to monitor foreign accounts. However, U.S. is also making its
Intelligence Agencies “Accountable” to the Parliament and there
are many Statutory Protections against “Abuse of Powers” of these
Intelligence Agencies. In India there is no such “Procedural
Safeguards” and Intelligence Agencies are openly violating various
“Constitutional Protections” and Civil Liberties.
India’s own Projects like Aadhar,
National
Intelligence Grid (NATGRID), Crime
and Criminal Tracking Network and Systems (CCTNS), National
Counter Terrorism Centre (NCTC), Central
Monitoring System (CMS), Centre for Communication Security
Research and Monitoring (CCSRM), Internet
Spy System Network And Traffic Analysis System (NETRA) of India,
etc are violative of Civil Liberties Protection in Cyberspace. None
of them are governed by any Legal Framework and none of them are
under Parliamentary Scrutiny.
Now the Intelligence Agencies are demanding the
power of “Hack at Will” without any “Legal Ramifications”.
National security is not a “Blanket Protection” against Illegal
and Unconstitutional E-0Surveillance and Eavesdropping. It seems the
Intelligence Agencies of India are asking for this “Illegal and
Unconstitutional Power” that “No Sensible Government in its Right
Mind” would allow.
In a recent meeting on Cyber Security, a
representative of the Department of Telecommunication (DOT) said the
Department could make some provisions in the Calling Line
Identification (CLI) Guidelines that will enable monitoring of at
least Foreign Nationals in the country.
The Deputy National Security Adviser, Nehchal
Sandhu, is working on setting up an Inter-Ministerial Group
comprising the Law Ministry, the Department of Electronics and IT,
the Department of Telecom (DOT), IB and the Home Ministry to identify
gaps in existing legislation and regulations as well as measures to
bridge them.
However, there are “No Such Gaps” as are
contemplated by the Deputy National Security Adviser. In effect, the
Group is considering how to “Further Confer” Illegal and
Unconstitutional Powers upon the Intelligence Agencies. This is
really unfortunate as the Group must consider how to make the
Intelligence Agencies and Law Enforcement Agencies of India
Accountable to the Parliament and how to “Safeguard” the
“Constitutional Rights” of India Citizens that are openly
violated by these Agencies.