Showing posts with label International Cyber Security Treaty And India. Show all posts
Showing posts with label International Cyber Security Treaty And India. Show all posts

Thursday, January 12, 2012

India Must Stress Upon International Cyber Law Treaty

United States (US) has been working in the direction of making laws that are primarily targeted towards foreign websites. This means that foreign websites that are indulging in unethical behaviours like cyber crimes, intellectual property rights (IPRs) violations, etc can be forced to be taken down or blocked in US by US government.

While this is a policy decision of US that has been widely criticised yet very few have raised points regarding violations of IPRs by US companies of foreign nationals. For instance, if an Indian has to inform a US website of copyright violation, he has to essentially follow the provisions of Digital Millennium Copyright Act (DMCA) 1998. In fact, even those US websites that are themselves not following DMCA and are not entitled to “safe harbour” provisions are insisting upon DMCA notices.

Clearly, US policy towards IP violations of foreign nationals needs to be revised. On the contrary laws like Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011 (PIPA) and the "Stop Online Piracy Act (SOPA) has also been proposed. They target foreign nationals and websites with almost no additional liabilities for US websites and citizens. Clearly, US websites and companies are forcing US and other nations to enact laws like SOPA and PIPA by not taking down IPRs violating materials.

If the attitude of US websites and companies is not changed other countries may also consider enacting draconian laws like SOPA and PIPA. In the absence of reciprocal arrangement between US and India, the least India can do to prevent cyber crimes against and IPRs violation of Indian citizens is to block websites that engage in such activities. This is more so for those websites and Internet intermediaries that deliberately ignore compliances of Indian laws.

While laws like SOPA and PIPA are targeting foreign websites including Indian websites yet the foreign websites, including US websites, are not complying with Indian cyber law and copyright law. The Indian Copyright Act, 1957 and Indian Information technology Act, 2000 prescribes various civil, criminal and administrative penalties that are presently not implantable against such foreign websites. India must seriously discuss this issue with US as this also amounts to non compliance of the provisions of Trade-Related Aspects of Intellectual Property Rights Agreement (TRIPS Agreement).

The real problem in this regard seems to be that there is no International cyber law treaty that is universally followed. Different countries have different cyber laws and this result in confusion and non enforcement. Even there is no international cyber security treaty that can be followed globally. International cyber law treaty and Indian role cannot be underestimated in this regard.

India must stress upon formulation of an international cyber law treaty to safeguard the interests of its own citizens as countries like US are doing in the absence of mutual cooperation.

Thursday, October 6, 2011

Cyber Warfare Policy Of India

Cyber Warfare is a concept that is not clear yet. Some believe that there is nothing like Cyber Warfare as there is no involvement of traditional military actions. Others believe that Cyber Warfare is a reality of the present time and future wars would be fought in Cyberspace. Whatever the opinion may be but it is clear that Nations have to protect their Critical ICT Infrastructures and Strategic Computers from growing Cyber Attacks.

Cyber Warfare and Cyber Terrorism are issues that cannot be taken lightly by any Country. From these threats emerge the necessity of having a robust Cyber Security for Defense Forces in India. These issues are important as they strike at the very root of the Critical ICT Infrastructure Protection in India. However, India is not doing the needful in this regard. Cyber War Capabilities should be an Integral Part of Indian National Defense and Security.

India needs a sophisticated and robust Technological Command Centre to defend its global network of computer systems. It must develop both offensive and defensive capabilities under one roof. Strategic information and tactical inputs are essential part of modern warfare that can be lost or gained through Cyber War methods. There is no doubt that India needs good Cyber War Capabilities to meet the growing threats of Cyber Warfare.

Malware are posing significant threat to India yet there is no attention towards Cyber Security in India. For instance, we need Express Legal Provisions and Specified Policies to deal with issues like Denial of Service (DOS), Distributed Denial of Services (DDOS), Bots, Botnets, Trojans, Backdoors, Viruses and Worms, Sniffers, SQL Injections, Buffer Overflows Exploits, etc. Till now India has done nothing in this crucial direction and we are still waiting for the Cyber Security Policy and Strategy of India. Obviously, we have no Cyber Warfare Policy of India as well. Even the Cyber Law of India is weak and ineffective and deserves to be repealed.

The biggest hurdle before curbing Cyber Warfare Threats at the International level is Lack of Harmonisation in this regard. Till now we have no “Internationally Acceptable Definition” of Cyber Warfare. Further, we have no Universally Acceptable Cyber Crimes Treaty as well. There is also no International Cyber Security Treaty. India is not a part of any International Treaty or Conventions regarding Cyber Crimes, Cyber Security, etc.

We cannot have a Cyber Terrorism Policy in India till we have a Cyber Crimes Policy in India, Cyber Security Policy in India other similar Policies. Indian Government must urgently work in this crucial direction as it is the most urgent need of the hour.

Wednesday, August 17, 2011

Cyber Security Laws, Lawyers And Law Firms

Techno legal fields like cyber law, cyber security, cyber forensics, cyber warfare, cyber terrorism, etc were never considered to be a cup of tea for lawyers and law firms. This may be due to many factors like lack of knowledge, absence of suitable cyber security laws, non remunerative nature of techno legal issues, etc.

One positive development that I have recently noted about these techno legal fields is that lawyers and law firms have started exploring the areas like cyber law, cyber security, cyber forensics, etc. Although the number of such lawyers/law firms is negligible yet the growing interest in the techno legal fields would increase such number sin future.

Further, techno legal issues would also change the way traditional businesses and transactions would be carried out in future. For instance concepts like cyber insurance, online dispute resolution, e-courts, digital evidencing and e-discovery, media forensics, cyber forensics, etc would be very much used in future.

However, technology laws have their own peculiar problem. Cyber laws are generally curative in nature as against the desirable preventive requirements. They are formulated keeping in mind the crimes/cyber crimes that have already taken place instead of what cyber crimes can possibly happen in future. In short, cyber laws must be “futuristic” in nature as against “historical” in their applicability.

A very crucial factor that has resulted in limited growth of cyber law and cyber security practice world over is that we have no internationally acceptable cyber law treaty and international cyber security treaty. For instance, India is not a party to any international cyber law treaty and is thus free to formulate its cyber laws as per its own requirements.

However, the cyber laws due diligence requirements are already well laid down world over, including India. Business houses and companies cannot take these requirements of cyber due diligence casually. Even the Reserve Bank of India (RBI) has asked banks to ensure robust cyber security for their banking transactions. Despite these cyber due diligence and cyber security requirements, companies, banks and organisations are not coming forward to adopt them.

Naturally, with the increase of litigations and disputes only, these stakeholders would come forward to check the legal issues arising out of use of technology by them. Further with an active use of public private partnership (PPP) model by all countries of the world, governments and private players are combining their knowledge and resources to provide better results. Slowly and steadily lawyers and law firms would also joined this PPP model.

With issues like cyber espionage and cyber warfare, the traditional armed forces and legal fraternity are now collaborating upon a very unique platform where lawyers need to have a sound knowledge of both law and technology. It seems the techno legal community alone would be able to dare to explore issues like cyber law, cyber security, etc in future.

Monday, July 4, 2011

International Cyber Security Policy Framework And Indian Response

International Organisations are not taking much interest in the field of Cyber Security and prevention of Cyber Crimes. Of course, at the National level countries like US have laid down their International Strategy for Cyberspace.

The Government Departments in US have also shown an increased Cooperation in the field of Cyber Security. Now US Department of Defense (DOD) and Department of Homeland Security (DHS) would share their respective Cyber Security Expertise.

Further, US has also started strengthening its Cyber Security ties with other Nations and India US Homeland Security Dialogue was a part of the same. In fact, India and US have also signed a Cyber Security Cooperation Agreement. Meanwhile International Organisations have also shown their seriousness towards Cyber Crimes and they have started working in this direction.

However, Cyber Security in India is not upto the mark. We have no Cyber Security Strategy in India. Despite the importance of this issue, we have no “Effective and Implementable” Cyber Security Policy in India.

Further, we have no Cyber Warfare Policy of India, Critical ICT Infrastructure protection Policy in India, Data Protection Laws in India, Cloud Computing Policy in India, Cyber Security Laws in India, etc. Important issues like Cyber Crisis Management Plan of India, Cyber Forensics Laws in India, Legal Enablement of ICT Systems in India, etc are still not part of National Policies and Strategies of India.

At the International level we have no International Cyber Law Treaty and International Cyber Security Treaty that are “Universally Acceptable”. Further, the United Nations and other countries have still to Protect Human Rights in Cyberspace that are blatantly violated World over.

Cyber Security is essentially an International Issue and regional efforts are not conducive for the long term security of Cyberspace. For instance, EU has set up a Cyber Crimes Fighter Team, Seoul has formulated its Cyber Security Plan, Scotland Yard established its own Cyber Flying Squad, EU formed CERT Group to fight Cyber Attacks, etc. While these initiatives are timely and praiseworthy yet they are “Regional” in nature and Cyberspace and Cyber Security are International in nature.

Recent Cyber Attacks on Multinational Firms and Institutions ranging from Google and Citigroup to the International Monetary Fund, have raised fears that Governments and the Private Sector are not well equipped to deal with Cyber Attacks. It is high time that we must ensure not only an “International Harmonised Legal Framework” but also a Robust and Effective International Cyber Security Cooperation that is presently missing. India must also prepare itself for the bigger and unforeseen challenges that are waiting for it.