Privacy Laws In India

We have no dedicated privacy laws in India and data protection laws in India. Naturally, this is a troublesome and undesirable situation. The supreme court of India has interpreted Article 21 as empowering Indian citizens with right to privacy in India.

However, despite this constitutional protection, various governmental projects in India are opening ignoring Article 21 and are clearly violating the same. This is happening because we have no national privacy policy in India.

Further, we have no privacy laws in India as well. Although some privacy guidelines have been issued by one or two departments of Indian government yet they are far from satisfactory and cannot replace a well structured privacy law of India.

Privacy rights in the information era require a totally different outlook. In fact, privacy rights form an essential part of civil liberties protection in cyberspace that India is presently ignoring.

For instance, consider the projects like Aadhar, National Intelligence Grid (NATGRID), Crime and Criminal Tracking Network and Systems (CCTNS), National Counter Terrorism Centre (NCTC), Central Monitoring System (CMS), Centre for Communication Security Research and Monitoring (CCSRM), etc.

They must be supported by a techno legal framework and must be civil liberty complaint. Presently, none of them are governed by any Legal Framework and none of them are under Parliamentary Scrutiny. These projects are openly violating various human rights/civil liberties, including right to privacy.

It is high time to formulate privacy laws in India so that constitutional freedoms and rights are not considered to be just legal jargon we no actual implementation.

Techno Legal Decryption Solutions By PTLB

A Government Panel has recently given its opinion that Encrypted Services in India would not be banned even if the Intelligence agencies cannot “Intercept” these Encrypted Communications. This would not be pleasant news for Home Ministry of India and Intelligence Agencies of India who now have to acquire Techno Legal Intelligence Gathering Skills to deal with Encrypted Communications.

Home Ministry of India and Intelligence Agencies never understood the point that E-Surveillance can never be a “Substitute” for Intelligence Gathering Skill and Cyber Skills. Now the message has been delivered, they must start working in the direction of acquiring good Techno Legal Intelligence Gathering Skills.

The Intelligence Infrastructure of India is in bad shape. The same needs an “Urgent Rejuvenation”. Projects like National Intelligence Grid (NATGRID), Crime and Criminal Tracking Network and System (CCTNS), Central Monitoring System (CMS), Centre for Communication Security Research and Monitoring (CCSRM), National Counter Terrorism Centre (NCTC), etc cannot be “Outsourced” to Private Companies as far as their “Core Functions” are concerned. Otherwise, the whole purpose of such Projects would be defeated. In order to perform the Core Functions of these projects, Intelligence Agencies and Law Enforcement Agencies of India must develop necessary Skills in this regard.

To start with we must formulate the Encryption Policy of India. Till now we have neither an Encryption Policy of India nor do we have Encryption Laws and Regulations in India. The second step must be to enter into Public Private Partnerships (PPP) with IT Experts who can help the Home Ministry in successfully completing its various Projects. The next step must to provide Techno Legal Trainings to Intelligence Agencies and Law Enforcement Agencies of India.

Indian Government must develop solutions “Independent of E-Surveillance” so that Intelligence Agencies can decrypt secure and highly encrypted data and voice and written communication transferred across secure networks via Internet.

At Perry4Law Techno Legal Base (PTLB) we can assist the Indian Government and its agencies to establish Techno Legal Intelligence Infrastructure of India. The same would include using both Technical as well as Legal Mechanisms to deal with Encryption and Decryption issues.

Our Techno Legal Solutions are “Specifically Designed” to cater the needs of Human Rights Protection in Cyberspace. Since access to Internet is now a Human Right as per United Nations, Indian Government must implement all its Projects keeping in mind Human Rights and Fundamental Rights as enshrined in the Constitution of India.

Cyber Crisis Management Plan Of India

Crisis Management is an important aspect of planning and management of any project or eventuality. If we have a proper Crisis Management Plan, losses of lives and property is minimised to a great extent. We have Crisis Management Plans in India against floods, earthquakes and other natural calamities. However, are we prepared for Cyber Crises in Indian Cyberspace?

India has formulated a Crisis Management Plan for its Cyberspace. However, like other Policies and Strategies in India, it has not been implemented in true letter and spirit. Even the basic level Cyber Security Preparedness in India is not up to the mark.

There are many aspects of a Cyber Crisis Management Plan. For instance, Cyber Security, Cyber Law, Cyber Forensics, Anti Cyber Terrorism Plans, Anti Cyber Espionage Plans, Anti Cyber Warfare Plans, Human Rights Protection in Cyberspace, Critical ICT Infrastructure Protection, etc are some of the “Components” of a Cyber Crisis Management Plan.

Theoretically, India has a Cyber Law in the form of Information Technology Act 2000 (IT Act 2000), Cyber Security in the form of Government Guidelines, Cyber Forensics Practices in Governmental Laboratories alone and so on.

However, practically we have no Cyber Crimes Laws in India as the Cyber Law of India has made almost all the Cyber Crimes “Bailable”. We may have a Cyber Law but India has no Cyber Crimes Law. So Legal Framework for preventing Cyber Crimes is “practically missing” in India.

As far as Cyber Security is concerned, we have no Cyber Security Laws in India and no Cyber Security Policy in India. The Governmental Guidelines are meant for Government Departments alone and even these Government Departments do not follow the same. Government Websites are the most frequently defaced websites in India. Similarly, Government Computers are the “most successfully breached” Computers in India. Computers of Defense Forces, Prime Minister’s Office (PMO), Ministry of External Affairs (MEA), Ministry of Home affairs, etc have been successfully breached without even notice by these Ministries/Offices.

As far as other components of Cyber Crisis Management Plan of India are concerned, even they do not exist in India. We have no Cyber Forensics Laws in India, no Cyber Terrorism Policy in India, no Cyber Warfare Policy in India, no Critical ICT Infrastructure Protection Policy in India and no Human Rights Protection in Cyberspace in India.

In fact, Projects like Aadhar, NATGRID, CCTNS, Central Monitoring System (CMS) of India, etc are openly violating the Human Rights of Indians. These Projects are operating without any Legal Framework, Parliamentary Oversight and Judicial Scrutiny.

Even the basic Privacy Rights in India are missing. It is only now the Law Ministry of India has proposed the Right to Privacy Bill 2011 of India. Further, Data Protection Law in India is urgently required. We also need a Data Security Policy of India so that sensitive information and data of projects like Aadhar, NATGRID, CMS, etc is not “misused” once it falls in the wrong hands.

India cannot have a robust and effective Cyber Crisis Management Plan till it considers these aspects and actually starts working in the direction of achieving these components.

National Security And Internal Security Infrastructure Of India

National security of India has recently received a rejuvenation attempt by the Government of India (GOI). This is good news at a time where the national security issues are grossly ignored in India. The national security of India and internal security of India are suffering not only on the count of lack of political will but also due to absence of suitable policies and strategies.

The ICT Trends of India 2009 have also proved that India has failed on the fronts of Cyber law of India, Cyber Terrorism in India, E-Courts in India, E-Learning in India, Unique Identification Project of India, Serious Frauds and White Collar Crimes, National Security Issues, Crime Reporting by Media, Internet Banking Frauds, Cyber Security of Defense Forces, Cyber War in India, E-Surveillance in India, etc.

According to Praveen Dalal, Managing Partner of Perry4Law and the leading Techno-Legal Expert of India, “Indian approach in this regard is not sensible at all. We should not invest thousands of crores of Indian rupees into security projects that can be manipulated and sabotaged in minutes. Rather we should first analyse the weaknesses and security holes of the same before buying and installing it.

After all security of a Nation is proper application of “common sense” rather than wasting unlimited amount of money. Crime and Criminal Tracking Network & Systems (CCTNS) of India, Unique Identification Authority of India (UIAI), Rs 800 crores centralised facility to control phone tapping activities in India, etc are some of the projects that require common sense application before their implementation. They have to be tested in a “limited environment” before using them in a full fledged manner, says Praveen Dalal.

It seems Indian security initiatives have to be holistically analysed and suitably applied. The Indian security infrastructure and workforces are not in good shape and require rejuvenation. We need a techno-legal security workforce and not personnel who do not have even the basic facilities and technological means and knowledge. The terrorist attacks have really shattered the deep pervasive false sense of security present in the Indian government mentality. We have to think and act against such internal and external threats by going beyond a "political debate". We can fool ourselves by bragging about India’s capabilities and victories against terrorism and cyber terrorism and keep on facing future attacks and bear the traumatic casualties. Alternatively, we must accept our weaknesses against such attacks and take constructive steps to anticipate, prevent and counter such future terrorist and cyber terrorism activities, warns Praveen Dalal.

With a new ray of hope shown by the recent stress upon national security of India we can expect some good results in this direction. However, India is famous for mere assurances and proposals without actually implementing them. Similarly, due to faulty management and policies even the implemented projects have failed in the past. Let us hope that this time India would do the proper homework before starting an initiative that it cannot implement and run.

SOURCE: MYNEWS

TECHNO-LEGAL SUPPORT AND TRAINING FOR CRIME AND CRIMINAL TRACKING NETWORK AND SYSTEMS (CCTNS) PROJECT OF INDIA

Crime and Criminal Tracking Network & Systems (CCTNS) Project (CCTNS Project) has been approved by the Cabinet Committee on Economic Affairs. It has a financial cushion of Rs.2000 Crores as per the 11th Five Year Plan. The Project would be initiated by the Ministry of Home Affairs and implemented by the National Crime Records Bureau. The CCTNS project is to be implemented in a manner where the major role would lie with the State Governments in order to bring in the requisite stakes, ownership and commitment, and only certain core components would be in the hands of the Central Government, apart from the required review and monitoring of project implementation on a continuing basis.

The broad objectives of the CCTNS project are streamlining investigation and prosecution processes, strengthening of intelligence gathering machinery, improved public delivery system and citizen-friendly interface, nationwide sharing of information across on crime and criminals and improving efficiency and effectiveness of police functioning. The Project aims to fulfill various specified objectives over a period of three years. An indicative list of e-services expected from CCTNS to citizens would be filing of complaints / information to concerned Police Station; obtaining status of complaints / cases registered at Police Stations; obtaining copies of FIRs, post-mortem reports and other permissible documents etc.

CCTNS Project is a complicated and time consuming initiative. It must be preceded by suitable “Policy Framework” as well as by “Adequate Techno-Legal Training” of the persons going to manage the same. A similar initiative undertaken by the US Government to modernise the FBI’s crime tracking system known as the “Virtual Case File” failed miserably due to lack of planning and effective strategies. There is no sense in wasting Rs.2000 Crores and then realising that grave mistakes failed the much needed imitative. We must “Eliminate all the possible and anticipated causes of failures” one by one to achieve the best results. We must enhance a “Techno-Legal Training Infrastructure” before jumping upon this unexplored arena.

Perry4Law is one such “Techno-Legal Training Providers” which can manage the Policy, Training, Education, Implementation, Enforcement and Other Aspects of the CCTNS Project and similar projects. Perry4Law is the First and Exclusive Techno-Legal ICT Law Firm of India and one of the Best in the World. It is providing Techno-Legal Services regarding Cyber Law In India, Cyber Security in India, Cyber Forensics In India, Due Diligence And Cyber Law Compliances In India, ADR And ODR In India, etc. Perry4Law is the only Firm that is providing Services regarding E-Courts In India, E-Judiciary In India, Digital Evidencing In India, Legal Enablement Of ICT Systems In India, Techno-Legal And Cyber Law Expert Witness Services In India, Critical Infrastructure Protection In India, Critical ICT Infrastructure Protection In India, Legal Framework For Information Society In India, etc.

PTLBTM/SM is one of its Premier and Highly Specialised Techno-Legal Initiatives that is providing Consulting, Litigation, Training, Education and Skill Development Services regarding Cyber Law In India, Cyber Security In India, Cyber Forensics In India, Cyber Terrorism in India, Cyber War in India, Ethical Hacking in India, etc.

Perry4Law and PTLBTM/SM also possess Techno-Legal Expertise to provide “International Best Practices” and implementation of “Models and Functionality” in the areas of “Policing, Public Security, National Security, Internal Security, etc regarding CCTNS Project and similar Projects. Perry4Law has also provided a “10 Point Legal Framework for Law Enforcement and Intelligence Agencies in India” to the Government of India. Further, Perry4Law has also provided a techno-legal Framework for E-Surveillance in India and its limits, legalities, constitutionality, etc.

For availing the Cyber Law, Cyber Security, Cyber Forensics and other Techno-Legal Professional Services of Perry4Law, visit its “Contact Point” and fulfill the prerequisites mentioned therein.