Thursday, June 30, 2011

E-Discovery Outsourcing, LPO And KPO Services In India

Outsourcing industry is witnessing many ups and downs in India. This is natural in a dynamic environment in which we live today. However, information and communication technology (ICT) related outsourcing issues are posing the biggest challenge before the outsourcing industry of India.

Indian outsourcing industry carries on business process outsourcing (BPO), legal process outsourcing (LPO), knowledge process outsourcing (KPO), etc. However, technology related LPO and KPO service providers in India are just handful. At Perry4Law Techno Legal Base (PTLB) we are managing the leading techno legal LPO and KPO services in the world.

A techno legal LPO and KPO platform is different from a simple LPO and KPO firm in the sense that it caters the requirements of both law and technology. Techno legal LPO and KPO services are in much demand for ICT related industries, ICT litigations and consultancies, etc.

A typical techno legal LPO or KPO would provide services in the fields of cyber law, cyber forensics, e-discovery, digital evidencing, techno legal dispute resolutions, cyber due diligence, etc.

As far as e-discovery related litigation, LPO and KPO services in India are concerned, they are managed by just one or two LPO and KPO providers. This is so because we have no e-discovery laws and regulations in India. In the absence of such legislations and public awareness there is very less demand for e-discovery related LPO and KPO works from India. A dominant majority of e-discovery related work comes from foreign jurisdictions where technology related laws are well placed.

Similarly, techno legal e-discovery LPO and KPO also requires domain specific expertise that is not easy to acquire. This is another reason why most of the LPO and KPO providers in India do not provide e-discovery related services.

However, India is paying attention to regulatory issues of ICT and more demand for e-discovery related LPO and KPO services would arise in future. It would be better idea if LPO and KPO providers in India develop good e-discovery related expertise till then.

E-Discovery Laws And Practices In India

Electronic discovery or e-discovery is a crucial component of corporate management, litigation services, response management, cyber security and so on. E-discovery is used for multiple purposes and by varied organisations and individuals these days.

E-discovery has many purposes to achieve. It can be used as an effective measure to prevent frauds from being committed by timely detection of suspicious activities. It can also be used for detection of these frauds and crimes after their commission. Thus, e-discovery is both preventive and curative in nature. However, despite the significance of this field, e-discovery in India has yet to get attention of Indian companies, individuals and law firms of India.

Even on the front of legal framework we have no e-discovery laws in India as well as e-discovery regulations in India. This is despite the fact that e-discovery is an important part of outsourcing industry of India. This has lead to a limited growth of e-discovery related legal process outsourcing (LPO) and knowledge process outsourcing (KPO) firms and organisations in India. There are very few firms in India that are providing e-discovery related LPO and KPO services in India.

At Perry4Law and Perry4Law Techno Legal Base (PTLB) we understand the importance of e-discovery solutions and litigation services to various organisations and individuals. In fact, PTLB is the exclusive institution that is providing techno legal e-discovery related solutions and litigation services. We consider both technical as well as legal aspects of e-discovery and digital evidencing in depth so that acquired information has “probative and evidentiary value”.

E-discovery should never be a simple discovery but it must be undertaken in such a manner that it meets the requirements of “admissibility” in a court of law. Many times e-discovery is not done properly and this results in the evidence acquired being held inadmissible by the courts.

Before hiring the services of a law firm, be sure to ensure that it has techno legal expertise to manage your e-discovery related assignment.

Legal Framework For E-Governance In India

Electronic governance in India (e-governance in India) is still at its infancy stage. Most of the e-governance projects of India under the national e-governance plan (NEGP) are still in the pipeline despite the deadline being passed long before. This is despite the fact that thousand of crores of public money has already been utilised for e-governance projects of India but without any constructive and practical results.

Meanwhile, the World Bank has once again issued $ 150 million loan to India. It has been issued under the category of e-delivery of public services development policy loan of India. The purpose of the loan is to ensure e-services delivery policy in India that is presently missing.

However, what is more alarming is the fact that in India we have no Indian legal framework for e-governance that can ensure mandatory e-governance services in India. Although the information technology act 2000 carries provisions pertaining to e-governance services in India yet they are “non mandatory and retrograde” in nature. This has resulted in a poor e-governance services delivery in India. Till now we have no legal framework that mandates that citizens and organisations can claim e-governance as a matter of right.

Further, the scope of NEGP is very wide covering almost all aspects of governance - right from delivery of services and provision of information to business process re-engineering within the different levels of government and its institutions. It is essential that NGP is implemented, monitored and regulated through a legal framework so that it is no more just a plan but reality.

In fact, while implementing the NEGP, various structural and institutional issues have already arisen which clearly call for a statutory mandate for their resolution. The purpose would be to give statutory mandate to the institutional entities, setting up of a separate fund, defining responsibilities and providing for time frames and oversight mechanisms. Thus, this legislation may, inter alia, contain provisions regarding the following:

(a) Definition of e-governance in the Indian context, its objectives and role,

(b) Coordination and oversight mechanisms, support structures at various levels, their functions and responsibilities,

(c) Role, functions and responsibilities of government organisations at various levels,

(d) Mechanism for financial arrangements including public-private partnership,

(e) Specifying the requirements of a strategic control framework for e-government projects dealing with statutory and sovereign functions of the government,

(f) Responsibility for selection and adoption of standards and inter-operability framework,

(g) Framework for cyber security, privacy protection, data security and data protection etc.
(h) Parliamentary oversight mechanism, and

(i) Mechanism for co-ordination between government organisations at Union and State levels.

E-Delivery Of Public Services Development Policy Loan Of India

E-Delivery of Public Services is the testing bed for any successful E-Governance Project. If essential Public Services cannot be delivered through use of Information and Communication Technology (ICT), there is no successful E-Governance implementation.

In India as well essential Public Services are still not successfully integrated with ICT and E-Governance has to cover a long distance before it becomes successful in India. India’s ranking in E-Readiness and E-Governance is declining year after year and India is still not bothered about this fact.

This situation does not “Justify” the usage of crores of public money on E-Governance Projects in India when there are no “Results” of such huge spending. The Government of India (GOI) and the World Bank recently signed another Loan Agreement of $150 million for the E-Delivery of Public Services Development Policy Loan under the National E-Governance Plan (NEGP) of India.

However, even this loan would not change the position in India till we have a “Mandatory E-Governance Legal Framework” in India. The Information Technology Act 2000 is the sole Cyber Law of India that carries few provisions pertaining to E-Governance as well. However, The IT Act 2000 has made E-Governance in India “Non Mandatory” and here lies the whole problem as this is a truly “Disabling Provision”.

If we do not make E-Governance Mandatory and we do not lay down “Deadlines” till which E-Governance Infrastructure must be established in India, public money would be wasted for ever. It is high time for India to ensure Mandatory E-Governance Services in India through a Legal Framework.

The Government and Indian Bureaucrats need to change their mindset and stress more upon “Outcomes and Services” rather than mere ICT procurement. India needs a “Services-Based Approach” that is not only Transparent, Accountable and Legal but also backed by a more efficient and willing Government. Presently the Bureaucrats and Government of India are in a “Resistance Mode” towards novel and effective E-Governance Policies and Strategies and they are merely “Computerising” traditional official functions only. This is benefiting neither the Government nor the citizens and is resulting in wastage of thousands of crores of public money and loans amount of United Nations Development Programme (UNDP) and World Bank.

The Governmental will and leadership is missing in India. To worsen the situation the Government of India is concentrating more upon the image rather than upon the end results. The grassroots level action is missing and the benefits of ICT are not reaching to the under privileged and deserving masses due to defective ICT Strategies and Policies of Indian Government. India is suffering from the “Vicious Circle” of defective E-Governance, as the basic input .i.e. governance itself is poor. India needs a “Virtuous Circle” of E-Governance through “Good Governance” that would have multiplication and amplification effect upon E-Governance efforts of Indian Government.

Some have even alleged that E-Delivery of Public Services in India is missing and World Bank is not at all interested in establishing Transparency and Accountability in Indian NEGP. World Bank must ensure accountability of Indian NEGP in order to show that its Loans are actually meant for growth and development of Indian masses rather than benefiting few Politicians and Bureaucrats as is happening right now.

Meanwhile, we must seriously consider formulating a Mandatory E-Governance Legal Framework for India that is not only Transparent but also Accountable. Further, if time limits are not set to achieve Mandatory E-Governance Services in India, all other efforts would fail. Let us see how “Serious” our Indian Government is regarding providing Mandatory E-Governance Services in India.

Sunday, June 19, 2011

Techno Legal Decryption Solutions By PTLB

A Government Panel has recently given its opinion that Encrypted Services in India would not be banned even if the Intelligence agencies cannot “Intercept” these Encrypted Communications. This would not be pleasant news for Home Ministry of India and Intelligence Agencies of India who now have to acquire Techno Legal Intelligence Gathering Skills to deal with Encrypted Communications.

Home Ministry of India and Intelligence Agencies never understood the point that E-Surveillance can never be a “Substitute” for Intelligence Gathering Skill and Cyber Skills. Now the message has been delivered, they must start working in the direction of acquiring good Techno Legal Intelligence Gathering Skills.

The Intelligence Infrastructure of India is in bad shape. The same needs an “Urgent Rejuvenation”. Projects like National Intelligence Grid (NATGRID), Crime and Criminal Tracking Network and System (CCTNS), Central Monitoring System (CMS), Centre for Communication Security Research and Monitoring (CCSRM), National Counter Terrorism Centre (NCTC), etc cannot be “Outsourced” to Private Companies as far as their “Core Functions” are concerned. Otherwise, the whole purpose of such Projects would be defeated. In order to perform the Core Functions of these projects, Intelligence Agencies and Law Enforcement Agencies of India must develop necessary Skills in this regard.

To start with we must formulate the Encryption Policy of India. Till now we have neither an Encryption Policy of India nor do we have Encryption Laws and Regulations in India. The second step must be to enter into Public Private Partnerships (PPP) with IT Experts who can help the Home Ministry in successfully completing its various Projects. The next step must to provide Techno Legal Trainings to Intelligence Agencies and Law Enforcement Agencies of India.

Indian Government must develop solutions “Independent of E-Surveillance” so that Intelligence Agencies can decrypt secure and highly encrypted data and voice and written communication transferred across secure networks via Internet.

At Perry4Law Techno Legal Base (PTLB) we can assist the Indian Government and its agencies to establish Techno Legal Intelligence Infrastructure of India. The same would include using both Technical as well as Legal Mechanisms to deal with Encryption and Decryption issues.

Our Techno Legal Solutions are “Specifically Designed” to cater the needs of Human Rights Protection in Cyberspace. Since access to Internet is now a Human Right as per United Nations, Indian Government must implement all its Projects keeping in mind Human Rights and Fundamental Rights as enshrined in the Constitution of India.

Thursday, June 9, 2011

Cyber Forensics Laws In India

Cyber Forensics in India is still to be approved as an important part of Legal and Judicial System of India. Till now we do not have a specific and dedicated Cyber Forensics Law in India. Cyber Forensics is an amalgamation of Legal and Computer Science principles. Thus, it is essentially Techno Legal in nature.

This Techno Legal nature of Cyber Forensics has raised certain problems before the Law Enforcement Agencies of India, Legal Fraternity, Judicial Fraternity and the Governmental Departments dealing with the Cyber Forensics issues.

While the Police, Lawyers and Judges are still struggling to deal with Cyber Crimes and Cyber Forensics issues yet Government Departments are facing a shortage of Skilled Cyber Forensics Professionals. Suitable Techno Legal Cyber Forensics Courses in India and Cyber Forensics Education in India can reduce the shortage of Skilled Cyber Forensics Professionals in India.

India has been facing these problems because till now Cyber Forensics Policy of India has not been formulated. An ideal Cyber Forensics Policy of India must concentrate upon issues like Legal Framework for Cyber Forensics, Skills Development of Cyber Forensics, Trainings of Law Enforcement Officials, Lawyers, Judges, etc.

Cyber Forensics Policy of India cannot be implemented by a single stroke. It has to be formulated step by step and in a systematic and planned manner. Indian Government must pay attention to the Cyber Forensics Laws of India in general and Cyber Forensics Policy of India in particular.

Cyber Crisis Management Plan Of India

Crisis Management is an important aspect of planning and management of any project or eventuality. If we have a proper Crisis Management Plan, losses of lives and property is minimised to a great extent. We have Crisis Management Plans in India against floods, earthquakes and other natural calamities. However, are we prepared for Cyber Crises in Indian Cyberspace?

India has formulated a Crisis Management Plan for its Cyberspace. However, like other Policies and Strategies in India, it has not been implemented in true letter and spirit. Even the basic level Cyber Security Preparedness in India is not up to the mark.

There are many aspects of a Cyber Crisis Management Plan. For instance, Cyber Security, Cyber Law, Cyber Forensics, Anti Cyber Terrorism Plans, Anti Cyber Espionage Plans, Anti Cyber Warfare Plans, Human Rights Protection in Cyberspace, Critical ICT Infrastructure Protection, etc are some of the “Components” of a Cyber Crisis Management Plan.

Theoretically, India has a Cyber Law in the form of Information Technology Act 2000 (IT Act 2000), Cyber Security in the form of Government Guidelines, Cyber Forensics Practices in Governmental Laboratories alone and so on.

However, practically we have no Cyber Crimes Laws in India as the Cyber Law of India has made almost all the Cyber Crimes “Bailable”. We may have a Cyber Law but India has no Cyber Crimes Law. So Legal Framework for preventing Cyber Crimes is “practically missing” in India.

As far as Cyber Security is concerned, we have no Cyber Security Laws in India and no Cyber Security Policy in India. The Governmental Guidelines are meant for Government Departments alone and even these Government Departments do not follow the same. Government Websites are the most frequently defaced websites in India. Similarly, Government Computers are the “most successfully breached” Computers in India. Computers of Defense Forces, Prime Minister’s Office (PMO), Ministry of External Affairs (MEA), Ministry of Home affairs, etc have been successfully breached without even notice by these Ministries/Offices.

As far as other components of Cyber Crisis Management Plan of India are concerned, even they do not exist in India. We have no Cyber Forensics Laws in India, no Cyber Terrorism Policy in India, no Cyber Warfare Policy in India, no Critical ICT Infrastructure Protection Policy in India and no Human Rights Protection in Cyberspace in India.

In fact, Projects like Aadhar, NATGRID, CCTNS, Central Monitoring System (CMS) of India, etc are openly violating the Human Rights of Indians. These Projects are operating without any Legal Framework, Parliamentary Oversight and Judicial Scrutiny.

Even the basic Privacy Rights in India are missing. It is only now the Law Ministry of India has proposed the Right to Privacy Bill 2011 of India. Further, Data Protection Law in India is urgently required. We also need a Data Security Policy of India so that sensitive information and data of projects like Aadhar, NATGRID, CMS, etc is not “misused” once it falls in the wrong hands.

India cannot have a robust and effective Cyber Crisis Management Plan till it considers these aspects and actually starts working in the direction of achieving these components.