Showing posts with label Aadhar Project Of India. Show all posts
Showing posts with label Aadhar Project Of India. Show all posts

Tuesday, June 12, 2012

Law Enforcement Technologies In India

Law enforcement plays a crucial role in maintaining law and order situation in a region. In India, the law enforcement responsibility is managed by numerous law enforcement agencies. Indian Constitution has demarcated law enforcement subject as a matter of State List. This means that a majority of law enforcement functions in various States are performed by respective State.

There are some functions that are closely related to law enforcement responsibilities and that require a unified approach. To take care of such issues, the Union Ministry of Home Affairs acts in a centralised manner.

The Union Home Ministry of India has prescribed many intelligence and law enforcement related projects that rely upon information and communication technology (ICT). These include projects like national intelligence grid (Natgrid), crime and criminal tracking network and systems (CCTNS), national counter terrorism centre (NCTC), etc.

All these efforts are praiseworthy and deserve public support. However, all of these projects are suffering from a common constitutional problem. None of these projects are governed by any constitutionally sound legal framework. These projects must maintain a balance between civil liberties and national security requirements. This balance is presently missing and these projects are operating with great disregard to constitutional rights and freedoms and human rights.

Similarly, we have no constitutionally sound legal framework for law enforcement and intelligence agencies of India. Parliamentary oversight of intelligence and law enforcement agencies of India is missing. After all intelligence gathering is not above right to privacy in all circumstances.

Take the example of the central bureau of investigation (CBI) and intelligence agencies like intelligence bureau (IB) of India. The Indian government is not willing to bring transparency and accountability regarding law enforcement and intelligence agencies of India.

The recent private bill titled intelligence services (powers and regulation) bill, 2011 was shelved out by none other than the Indian Prime Minister Dr. Manmohan Singh who announced that law on intelligence agencies would be formulated soon. However, it proved nothing but a “time gaining tactics” and so far intelligence agencies of India are not governed by any legal framework and parliamentary oversight. Interestingly, even the central bureau of investigation (CBI) is riding the same boat. The draft central bureau of investigation act, 2010 is another example where the Indian government is just interested in making “declaration” with no actual “intention” to implement the same. It is high time to show political will to tackle these crucial and controversial issues as they cannot be ignored any more.

In our subsequent posts, we would cover the techno legal aspects of intelligence and law enforcement agencies of India.

Tuesday, February 21, 2012

Parliamentary Oversight Of Intelligence Agencies Of India Is Missing

This is an opinion piece that first appeared in Google news but was censored by Google within an hour of its publication. This act of Google is a gross violation of civil liberties in general and right to speech and expression in particular. We are not even sure whether Google would keep this article in search engine results pages (SERPs) and blog search.

In order to make available this article to the widest possible audience, we are publishing this piece of article at our blog. Though, originally it was intended to be an exclusive article for “
Cjnews India” but we are hereby forced to post it at our own blog keeping in mind the increasingly succumbing nature of Google before Indian government. We apologise for cross posting to our readers in general and “Cjnews India” in particular.

In this exclusive guest column, Praveen Dalal, leading techno legal expert of Asia and Managing Partner of India’s exclusive techno legal ICT Law Firm Perry4Law, has shared his viewpoints about the growing needs of parliamentary oversight of intelligence agencies and law enforcement agencies of India.

Indian Government is too reluctant to ensure Parliamentary Oversight for Intelligence Agencies and Law Enforcement Agencies of India. If this is not enough, Indian Government has been launching new Projects having serious “Constitutional Ramifications” and “Civil Liberties Violation” effects.

For instance, the National Counter Terrorism Centre (NCTC) Project of India, National Intelligence Grid (Natgrid) Project of India, Aadhar Project of India, Crime and Criminal Tracking Network and System (CCTNS), etc are not governed by any Legal Framework and Parliamentary Oversight. Indian Government is not willing to understand and accept that Intelligence Work is not an excuse for Non Accountability.

For some strange reasons Intelligence Infrastructure of India has become synonymous for Non Accountability and Mess. There is neither any Parliamentary Oversight nor and Transparency and Accountability of the working of Intelligence Agencies of India.

Even a basic level effort to enact a Legal Framework for Intelligence Agencies of India is missing in India. The first and foremost challenge to such Parliamentary Oversight mechanism comes from the Intelligence Agencies themselves that do not wish to be governed by any Rules and Norms at all.

Then we have “Bureaucratic Hurdles” in India that do not allow such a Legal Framework to be proceeded with. Finally, the Parliament of India itself is not interested in bringing these Intelligence Agencies within the fold of Parliamentary Oversight.

Take the example of the recent Private Bill titled Intelligence Services (Powers and Regulation) Bill, 2011. It was shelved out by none other than the Indian Prime Minister Dr. Manmohan Singh who announced that Law on Intelligence Agencies would be formulated soon. However, it proved nothing but a “Time Gaining Tactics” and so far Intelligence Agencies of India are not governed by any Legal Framework and Parliamentary Oversight.

Interestingly, even the Central Bureau of Investigation (CBI) is riding the same boat. The Draft Central Bureau of Investigation Act, 2010 is another example where the Indian Government is just interested in making “Declaration” with no actual “Intention” to implement the same.

In these circumstances, can the States trust the Centre regarding the establishment of National Counter Terrorism Centre (NCTC) of India? The answer is definitely negative even if States keep their “Political Interests” aside. This is also the reason why NCTC is facing stiff oppositions. Of course, there are “Practical Difficulties” and “Internal Turf War” among various Agencies and Ministries of Central Government a well. It seems the obvious but unsolvable Terrorism Dilemma in India would continue as National Interest of India and fighting Terrorism is not a “National Priority”.

Till now the constitutionality of the National Investigation Agency Act 2008 (NIAA 2008) has not been accepted by States and now NCTC has been launched through an “Executive Order”. The practice of clubbing new Projects, Agencies and Institutions with existing laws is a bad approach. So NCTC without a Legal Framework is definitely Unconstitutional and even tagging it with the Unlawful Activities (Prevention) Act, 1967 would not save it from the Patent and Apparent Unconstitutionality with which it is suffering.

Wednesday, January 11, 2012

Electronic Authentication Policy Of India

Electronic authentication (e-authentication) is a very useful service provided it is safe, secure and reliable. Similarly, e-authentication must also be supported by a sound legal framework that governs its uses and abuses.

We have no e-authentication policy in India. Even we have no legal framework for e-authentication in India. Although some efforts in this regard were made through the Aadhar project of India yet the very constitution and functioning of Aadhar project is unconstitutional. For some strange reasons, the unique identification authority of India (UIDAI), which is managing the Aadhar project, thinks that it is above constitution of India. This attitude of Aadhar and UIDAI has brought it to a stage where it is about to be scrapped.

So as on date we have no legal framework for e-authentication in India, no authority that can deal with e-authentication in India and no policy framework for e-authentication in India that has been implemented at the national level. If this is not enough, we have no encryption usage policy of India that can ensure cyber security of e-authentication in India.

If both cyber security in India and use of encryption in India are missing, the credibility of any e-authentication system is in great doubt. Possibility of data breaches and cyber attacks cannot be ruled out. Securing of critical national infrastructure of India from cyber attacks has still not achieved and introducing an e-authentication system without robust cyber security is not a wise move.

The cyber security trends in India 2011 by Perry4Law Techno Legal Base (PTLB) indicate that cyber security in India is still ignored by various stakeholders. Whether it is banks or strategic computers of Indian government, all of them have proved to be vulnerable to cyber attacks.

E-authentication is also useful for providing mobile banking services in India. Cyber security of Internet banking in India is still poor and e-banking risks in India are abundant. Mobile banking cyber security in India is still to be established before it can be explored in India.

E-authentication cannot succeed in India till we take care of various techno legal policy issues. Without removing various obstacle of e-authentication, using the same in India would create more problem than solutions providing.

Saturday, November 26, 2011

Surveillance of Internet Traffic In India

E-surveillance in India is no more a secret as Indian government is openly engaging in e-surveillance activities. This is despite the fact that an unregulated and unguided e-surveillance is violating the civil liberties protection in cyberspace in India.

Now e-surveillance is proposed to be expanded to even mobile infrastructure. The cell site location based e-surveillance in India is also in contemplation. Cell site data location laws in India and privacy issues are once again bypassed for this proposal. Even the e-surveillance policy of India is missing that can provide some safeguards against illegal and unconstitutional e-surveillance in India.

Similarly projects like Aadhar project of India, central monitoring system project of India, etc are also intended to strengthen the e-surveillance capabilities of India without and constitutional safeguards.

On the top of India, India is trying every possible method to discourage the cyber security initiatives like encryption. Encryption policy of India is missing and so are encryption laws in India.

Now Indian government has forced the telecom service providers and internet service providers (ISPs) to deploy monitoring equipment for surveillance of internet traffic as per the conditions of the respective license agreements and as per the requirements of security agencies. At present, indigenous internet monitoring systems are being deployed in the network of ISPs.

Based on the feedback and traffic projections provided by the ISPs, the internet monitoring systems are upgraded and deployed continuously as per the requirement of security agencies.

India needs to upgrade its intelligence infrastructure that is in real mess. Intelligence agencies need to develop intelligence gathering and analysis skills so that situations like the present one can be taken care of. E-surveillance is not a substitute for cyber skills and Indian government and its agencies must realise this truth as soon as possible.

Even by forcing the telecom service providers and ISPs to filter internet traffic at large would not serve any purpose. Cyber criminals and terrorists are already well aware to use sophisticated technology to hide their tracks. This exercise would only violate the civil liberties of law abiding citizens.

Fortunately, Yahoo has dragged Indian government regarding e-surveillance to the Delhi High Court and a judicial scrutiny of e-surveillance in India may be possible. Time has come to consider all these aspects in detail and at the highest levels by the Indian government and parliament of India.

Saturday, October 8, 2011

Privacy Laws In India

We have no dedicated privacy laws in India and data protection laws in India. Naturally, this is a troublesome and undesirable situation. The supreme court of India has interpreted Article 21 as empowering Indian citizens with right to privacy in India.

However, despite this constitutional protection, various governmental projects in India are opening ignoring Article 21 and are clearly violating the same. This is happening because we have no national privacy policy in India.

Further, we have no privacy laws in India as well. Although some privacy guidelines have been issued by one or two departments of Indian government yet they are far from satisfactory and cannot replace a well structured privacy law of India.

Privacy rights in the information era require a totally different outlook. In fact, privacy rights form an essential part of civil liberties protection in cyberspace that India is presently ignoring.

For instance, consider the projects like Aadhar, National Intelligence Grid (NATGRID), Crime and Criminal Tracking Network and Systems (CCTNS), National Counter Terrorism Centre (NCTC), Central Monitoring System (CMS), Centre for Communication Security Research and Monitoring (CCSRM), etc.

They must be supported by a techno legal framework and must be civil liberty complaint. Presently, none of them are governed by any Legal Framework and none of them are under Parliamentary Scrutiny. These projects are openly violating various human rights/civil liberties, including right to privacy.

It is high time to formulate privacy laws in India so that constitutional freedoms and rights are not considered to be just legal jargon we no actual implementation.