Monday, January 2, 2012

Internet Access Is A Fundamental Human Right In Cyberspace

Civil liberties protection in cyberspace has taken a centre stage these days. International community is getting serious in protecting valuable civil liberties that are openly violated by various nations. For instance, the Council of Europe issues a resolution that prohibits abuse of state secrecy and national security for violating civil liberties. Similarly, United Nations has also declared that access to Internet is a basic human right that cannot be taken away by national governments.

A few years back talking about human rights in cyberspace generated skeptic reactions. Things have not changed much even today but at least now we know that human rights can be extended to cyberspace. For instance, blanket e-surveillance, Internet censorship and websites blocking cannot be adopted lest human rights are absolutely ignored. The cyber law trends in India 2011 have shown that India has performed poorly on all these front. In fact, India is acting desperately to control technology.

At Perry4Law Techno Legal Base (PTLB) we have been supporting the efforts that can ensure recognition of human rights in cyberspace at both national and international level. At the national level, India is still not ready and willing to recognise human rights in cyberspace. At the international level, part of human rights in cyberspace has started gaining importance.

For instance, the United Nations (UN) has declared that right to access to Internet is a human right. Similarly, Organisation for Security and Cooperation in Europe (OSCE) has also supported this stand of UN through a recently released report.

The report has analysed the first ever of state regulations on Internet access within the 56-member OSCE. Finland and Estonia have already declared access to Internet as a human right and this is a good step in right direction. PTLB welcomes these reformative actions of Finland and Estonia.

Countries around the world are restricting human rights in cyberspace by citing national security, sovereignty, law and order and many such grounds. While none can doubt that national security is an important function of a sovereign state yet there must be a harmony between national security and human rights.

Giving a blind and absolute primacy to national security even if clearly means violating basic human rights is not a wise approach for a welfare state like India. We hope Indian government would consider empowering Indian netizens by recognising and strengthening their human rights in cyberspace.

Abuse Of State Secrecy And National Security: Obstacles To Parliamentary And Judicial Scrutiny Of Human Rights Violations

The Council of Europe has issued many important and far reaching resolutions and notifications in the year 2011. One such important resolution is titled as abuse of state secrecy and national security: obstacles to parliamentary and judicial scrutiny of human rights violations. This is in addition to the concerns shown by the European Council regarding cyber attacks and political pressures upon cyber dissidents. It seems European Council is stressing upon protecting human rights in cyberspace and civil liberties protection in cyberspace.

This also shows that the international community is getting serious about protection of civil liberties in cyberspace. For instance, the connection between United Nations and human rights in cyberspace is also well known where UN declared that access to Internet is a basic human right. However, the efforts of United Nations regarding cyber laws and human rights in cyberspace need to be further expedited as they are slow in nature.

As far as India is concerned the situation is really alarming. Law enforcement and intelligence agencies of India are practically working with no legal framework. Parliamentary scrutiny of law enforcement and intelligence agencies of India is still missing. Although draft bills for central bureau of investigation (CBI) and intelligence agencies of India were made, they were never considered by Indian parliament. Till now agencies like CBI, research and analysis wing (RAW), etc are working with no constitutionally sound law governing their operations.

Further, numerous e-surveillance oriented projects like Aadhar, national intelligence grid (Natgrid), central monitoring system (CMS), national counter terrorism centre (NCTC), crime and criminals tracking and networks system (CCTNS), etc have been launched without any legal framework and parliamentary scrutiny. Phone tapping in India is also not done in a constitutional manner. E-surveillance in India and Internet censorship in India has also increased a lot. Clearly, parliament has failed to address abuses of state secrecy and national security powers in India.

Even judicial scrutiny of e-surveillance and Internet censorship issues in India is not up to the mark. Fortunately, the Supreme Court of India is dealing with privacy violations through illegal phone tapping in India. While doing so the Supreme Court has observed that with the present state of technology used in India by law enforcement agencies and private individuals, privacy rights of Indians are at grave risk. The Supreme Court also recommended reformation of official secrets act of India keeping in mind the contemporary requirements and environment. This is a good sign but the Supreme Court of India must expedite these matters as they have been pending for long.

Parliamentary oversight and judicial scrutiny are the twin safeguards that can prevent excessive abuse of state secrecy and national security powers in India. Unfortunately, presently both of them are missing and this has resulted in an intelligence mess in India. Further, India is desperate to control technology rather utilising it.

We need dedicated and separate privacy laws, data privacy laws and data protection laws in India to tackle state abuse of its sovereign powers. The sooner these procedural and constitutional safeguards are adopted in India the better it would be for the larger interest of India.

Council of Europe’s Draft Resolution On Abuse Of State Secrecy And National Security

In this “Guest Column”, Praveen Dalal, Managing Partner of Perry4Law has examined one of the most important resolutions of Council of Europe. It is titled abuse of state secrecy and national security: obstacles to parliamentary and judicial scrutiny of human rights violations.

Recently European Council had also shown its concern regarding cyber attacks and political pressures upon cyber dissidents. It seems European Council is very serious in protecting human rights in cyberspace and civil liberties protection in cyberspace.

National Security and National Secrets are two of the most common “Excuses” given by the Nations to bypass Constitutional and Human Rights Protections. Civil Liberties are blatantly violated under the garb of exercising powers under these two issues.

India is no exception to this rule as Laws like Indian Telegraph Act, 1885, Official Secrets Act, 1923 etc are frequently used in clear contraventions of Constitution of India, Right to Information Act, 2005 and similar Laws.

Unconstitutional Phone Tapping is the example of former Law whereas Non Disclosure of relevant and essential information under an RTI Application is the example of latter. Even the Supreme Court of India has shown its “Displeasure” with both the Laws.

While “Guidelines” for prevention of “Unauthorised Phone Tapping” have been provided by Supreme Court to cover the deficiencies of the former Law, yet it has suggested “Repealing” of the latter. However, Indian Parliament is least bothered about formulating “Essential Laws” and the Executive has made India an “Endemic E-Surveillance Society”.

This E-Surveillance Model of Indian Government is just “Harassing” the law Abiding Citizens of India and Cyber Criminals and Terrorists are still successfully giving effect to their nefarious activities. It is high time for the Indian Supreme Court to take note of this “Constitutional Anomaly”.

The Council of Europe has released a Resolution titled “Abuse of State Secrecy and National Security: Obstacles to Parliamentary and Judicial Scrutiny of Human Rights Violations”. It reads as follows:

1. The Assembly considers that judicial and parliamentary scrutiny of government and its agents is of vital importance for the rule of law and democracy. This also applies especially to so-called special services whose activities are usually kept secret. Security and intelligence services, the need for which cannot be put into doubt, must nonetheless not become a “state within the state”, exempted from accountability for their actions. Such lack of accountability leads to a dangerous culture of impunity, which undermines the very foundations of democratic institutions.

2. In combating terrorism, governments are increasingly invoking “state secrecy” or “national security” in order to ward off parliamentary or judicial scrutiny of their actions.

3. In some countries, in particular the United States, the notion of state secrecy is used to shield agents of the executive from prosecution for serious criminal offences such as abduction and torture, or to stop victims from suing for compensation. The United States also refused to co-operate, in particular, with the judicial authorities of Germany, Lithuania and Poland in the criminal investigations launched in those countries in view of numerous elements of proof of abductions, secret detentions and illegal transfers of detainees (see Resolution 1507 and Recommendation 1754 (2006) and Resolution 1562 and Recommendation 1801 (2007) of the Assembly).

4. The Assembly recognises the need for states to ensure effective protection of secrets affecting national security. But it considers that information concerning the responsibility of state agents who have committed serious human rights violations, such as murder, enforced disappearance, torture or abduction, should not be subject to secrecy provisions. Such information should not be shielded from judicial or parliamentary scrutiny under the guise of “state secrecy”.

5. The Assembly believes that there is no reason why judicial and parliamentary institutions should be less trusted than state executive bodies and their agents where the protection of legitimate secrets is concerned. As Canada demonstrated in the Maher Arar case, it is possible to put in place special procedures for the supervision of the activities of the special services guaranteeing both the adequate protection of legitimate state secrets and the protection of fundamental rights and freedoms.

6. Parliamentary supervision of the security and intelligence services, both civilian and military, is either non-existent or grossly inadequate in many Council of Europe member states. The permanent or ad hoc parliamentary commissions set up in several countries to oversee the activities of the secret services are hampered by a lack of information, which is under the exclusive control of the executive itself, and most often of a very small circle within the latter.

7. The Assembly welcomes the growing co-operation between different countries’ secret services, which constitutes an indispensible tool to confront the worst forms of organised crime and terrorism. This international co-operation should, however, be accompanied by equivalent co-operation between oversight bodies. It is unacceptable that activities affecting several countries should escape scrutiny because the services concerned in each country invoke the need to protect future co-operation with their foreign partners to justify the refusal to inform their respective oversight bodies.

8. The media play a vital role in the functioning of democratic institutions, in particular by investigating and publicly denouncing unlawful acts committed by state agents, including members of the secret services. They rely heavily on the co-operation of “whistleblowers” within the services of the State. The Assembly reiterates its calls for adequate protection for journalists and their sources (Recommendation 1950 (2011) and for “whistleblowers” (Resolution 1729 and Recommendation 1916 (2010)).

9. The Assembly can only welcome the publication, in particular via the “Wikileaks” site, of numerous diplomatic reports confirming the truth of the allegations of secret detentions and illegal transfers of detainees published by the Assembly in 2006 and 2007. It is essential that such disclosures are made in such a way as to respect the personal safety of informers, human intelligence sources and secret service personnel. The appearances of such websites is also the consequence of insufficient information made available and a worrying lack of transparence of Governments.

10. In some circumstances, in particular in the framework of the fight against terrorism, measures restricting freedom and violating fundamental rights are taken against suspect individuals who are not even informed of the – “secret” – grounds for suspicion on which these measures are based and do not have the possibility to seize an independent complaints mechanism. The Assembly reiterates its appeal in Resolution 1597 (2008) to the competent United Nations and European Union bodies to reform the “blacklisting” procedures, putting an end to such arbitrary methods and putting into place mechanisms that are both effective and respectful of the rule of law in order to neutralise persons suspected of supporting terrorism.

11. With regard to judicial inquiries, the Assembly:

11.1. welcomes the inquiries conducted professionally by the competent German and Italian authorities, which have shed considerable light on the abductions of Khaled El-Masri and Abu Omar;

11.2. welcomes the friendly settlements reached by the British authorities with the alleged victims of abuses committed by the British services and urges all interested parties to agree immediately on a framework satisfying the requirements of the European Convention on Human Rights regarding the duty to investigate allegations of torture for the special inquiry under the aegis of Sir Peter Gibson announced by the Prime Minister in July 2010;

11.3. urges the Lithuanian, Polish, Portuguese and Spanish prosecuting authorities to persevere in seeking to establish the truth about the allegations of secret CIA detentions and urges the American authorities to cooperate with them;

11.4. calls on the Romanian judicial authorities and those of “the former Yugoslav Republic of Macedonia” to finally initiate serious investigations following the detailed allegations of abductions and secret detentions in respect of those two countries, and on the American authorities to provide without further delay the judicial assistance requested by the prosecuting authorities of the European countries concerned;

12. With regard to parliamentary inquiries, the Assembly:

12.1. welcomes the determination of many members of the commission of the German Bundestag responsible for investigating the alleged involvement of the German services in CIA actions, while regretting that the government persisted in withholding the information requested by the commission, to the point that the Federal Constitutional Court, following an application by the opposition representatives, was forced to censure the government’s behaviour; deplores, however, that the end of the legislature did not allow for the commission’s work to continue after the judgment, as it was dissolved and not reconstituted;
12.2. welcomes the inquiry by the national security and defence committee of the Lithuanian Seimas which established the existence of two CIA secret detention centres on Lithuanian territory, while noting that the inquiry was unable to establish whether people had actually been detained and illtreated in those places, and whether Lithuanian senior officials were aware of the CIA actions in collaboration with agents of the Lithuanian secret service (SSD);

12.3. welcomes the untiring efforts of the All Party Parliamentary Group to establish the truth about the involvement of the British authorities in cases of illegal transfers of detainees concerning the United Kingdom;

12.4. Deplores that the Polish and Romanian parliaments confined themselves to inquiries, whose main purpose seems to have been to defend the official position of the national authorities;

12.5. Is surprised that the parliament of “the former Yugoslav Republic of Macedonia” considered it unnecessary to launch an inquiry into the El-Masri case, in the light of the clear findings of the European and German inquiries on this subject.

13. With regard to procedures for monitoring the secret services in general, the Assembly calls on Council of Europe member and observer states still lacking equivalent bodies to set up:

13.1. A parliamentary mechanism for monitoring the secret services, while ensuring that it has sufficient access to all the information needed to discharge its functions whilst respecting a procedure which protects legitimate secrets;

13.2. Special procedures so that legitimately secret information can be handled without endangering state security in criminal or civil proceedings concerning the activities of special services;

13.3. An adversarial procedure before a body allowed unrestricted access to all information to decide, in the context of a judicial or parliamentary review procedure, on whether or not to publish information which the government wishes to remain confidential.

14. With regard to international co-operation between oversight bodies, the Assembly calls on parliaments participating in the development of the future “Network of European expertise relating to parliamentary oversight of security and intelligence services” to consider widening the terms of reference of the future network and the range of participants in order to make it an effective instrument of co-operation between the competent bodies of all Council of Europe member and observer states, making it possible to remedy the shortcomings in parliamentary oversight resulting from increased international co-operation between the services in question….. [See the Report (PDF) for all points]

50. Finally, the fundamental role played by whistleblowers must not be forgotten. Their importance of their contribution is in fact proportionate to the extent that secrecy is still imposed. It is not exaggerated that, still today – and in some cases even more so than in the past – we are confronted with a real cult of secrecy; secrecy as an instrument of power, as Hannah Arendt reminds us in the citation at the very beginning of this report. It is therefore justified to say that whistleblowers play a key role in a democratic society and that they contribute to making up the existing deficit of transparency. We said so before: the Assembly’s reports of 2006 and 2007 and, more recently, the revelations concerning “black sites” in Lithuania are due to a large extent to honest officials who, for ethical reasons and taking great risks, could not and would not take part any longer in illegal activities or cover them up by remaining silent. In this connection, we should also remember Bradley Manning, the young American soldier accused of providing Wikileaks with a large number of confidential documents. High-ranking American officials and numerous voices of international public opinion have expressed indignation at the inhuman and degrading treatment which Mr Manning is said to have undergone. It will be up to the courts to judge. But we cannot ignore that according to the very accusations made against him we are indebted to him for the publication both of a recording of a helicopter attack in Iraq, in which the crew seems to have intentionally targeted and killed civilians. The video recording seemingly indicates a deliberate criminal act which deserves at least an investigation, which, without this indiscretion, would have never been requested. This is a classic example of an illegitimate secret. In addition, the publication of a large number of embassy reports has allowed us to learn significant details of important recent events and which are obviously of general interest. We must not forget either that these publications have brought numerous confirmations of findings included in the Assembly’s reports of 2006 and 2007 on the CIA flights and secret prisons. All those who at the time called for “proof, proof!” have in any case been well served.

This is a good step in right direction and I hope India would also deal with the issues mentioned in this Resolution very soon.

Sunday, January 1, 2012

Cyber Law Of India Should Be Reformed

Technological issues when collaborated with legal framework bring complex situations. It is very difficult to provide a legal framework for technological issues. India is also trying to grapple with this problem. Although cyber law in India has been enacted in the form of information technology act 2000 (IT Act 2000) yet it has remained archaic and non performer. The cyber law trends in India 2011 proved this point.

Cyber law of India needs to be rejuvenated. The emphasis must be to develop and protect Indian cyberspace rather than considering as a threat to be tackled through Internet censorship, websites blocking, e-surveillance, phone tapping and similar anti civil liberties protection in cyberspace.

Similarly stress should be given to cyber security of India through cyber security due diligence and mandatory obligations. The cyber security trends in India 2011 have proved that various stakeholders in India are not paying enough attention to cyber security. This is more so regarding banks in India that are not following the cyber security guidelines of Reserve Bank of India (RBI).

Perry4Law and Perry4Law Techno Legal Base (PTLB) believe that a major reason for poor performance on Indian cyber law and cyber security is that we have mixed all the aspects in a single law. For instance, although IT Act 2000 covers issues like cyber law, cyber security, cyber forensics, encryption, e-governance, e-commerce, cyber terrorism, etc yet the same are covered by a single section or more. This way none of them are individually effective.

We must have a separate and dedicated law for each of these issues that seem to have been dumped into a single law making it ineffective and useless for those issues. Further, the information technology amendment act 2008 (IT Act 2008 amendments) have further complicated the issue. By making almost all the cyber crimes “bailable”, Indian government has created a big nuisance for itself.

Perry4Law and PTLB hope that the year 2012 would bring major relief in this regard. Law making is a lengthy and tedious process and the sooner it is started the better it would be for the larger interest of India.

Saturday, December 31, 2011

Cyber Laws In India

Cyber laws in India are very much required especially to manage the culpable dealings of big corporate houses. IT frauds and cyber crimes in Indian companies are increasing at a great speed. Currently there is no cyber due diligence for Indian companies that has been mandatorily provided by the Indian Companies Act, 1956.

The Information Technology Act, 2000 (IT Act 2000) is the sole cyber law of India. The companies in India are required to follow cyber law due diligence in India and cyber security due diligence in India. In the absence of proper due diligence these companies may find themselves in trouble.

Indian companies are neither prepared nor willing to deal with these sophisticated technology crimes and organised crimes. Recently the companies bill 2011 was tabled in lok sabha that carried few reformatory provisions in this regard. It was planned to give more powers to serious frauds investigation office (SFIO) of India. Under the proposed companies bill 2011, SFIO had been given a statutory recognition. However, the bill failed to become law and the position still remains gloomy.

Cyber crimes in India are increasing unchecked. However, efforts to curb the same are still far from satisfactory. In fact, by making almost all the cyber crimes and cyber contraventions under the IT Act 2000 bailable, Indian government has further complicated the situation. In fact, experts have been demanding that cyber law of India should be repealed and new and better laws must be enacted.

We need separate and dedicated legal frameworks in India. For instance, e-commerce laws in India, social media laws in India, e-governance laws in India, cyber security laws in India, cyber forensics laws in India, e-discovery laws in India, digital evidencing laws in India, etc must be enacted separately.

In short, cyber law of India must be given an importance that it deserves. Presently, it is given a piecemeal treatment that is not conducive for its long term growth in India.

Friday, December 30, 2011

Digital Preservation In India Needed

Digital preservation is an issue that has not received much attention in India. Digital preservation is a process in which materials are converted into electronic form for future uses. Digital preservation also ensures that the material has a longer life shelf than the original form.

Digital preservation in India is still in infancy stage. Although we have a Public Records Act 1993 that mandates a digital preservation usage, the same has remained abysmal in India. Public records keeping framework of India has by and large remained ignored. Of course, some institutions like Reserve Bank of India (RBI) have good public records keeping framework.

Digital framework and public records keeping are issues that have a direct bearing upon multiple legal frameworks. For instance, Intellectual property rights (IPRs) are commonly found conflicting with digital preservation initiatives. Technological issues of IPRs would also pose great challenges before the digital preservation initiatives of India.

Recent traditional knowledge digital library (TKDL) of India is one of the most innovative and much needed initiatives undertaken by Indian government. Being a digital library it must ensure digitalisation of contents as well as their digital preservation.

Similarly, cyber law of India also has a direct bearing upon records keeping and digital preservation. In fact, Public Records Act 1993 and IT Act 2000 mandates are very apparent and they cannot be ignored. Similarly, Right to Information Act 2005 and Public Records Act 1993 are also closely related.

Electronic delivery of services and Public Records Act 1993 are also correlated as in future archives and digital documents would be required to be provided to effectuate electronic delivery of services. The proposed Electronic Delivery of Services Bill (EDS) 2011 of India has proved this point.

Surprisingly, despite the importance of public records and digital preservation, Indian national digital preservation policy is still missing and there is no legal framework for digital preservation in India. Digital preservation initiatives of India need urgent reforms if we have to effectual electronic delivery of archives and public records. The sooner it is done the better it would be in the larger interest of India.

Monday, December 26, 2011

Ethical Hacking Training And Courses In India

The need of ethical hackers in India has emerged out of the necessity to tackle growing cases of cyber crimes and cyber attacks. For too long strategic systems and computers located at Indian government departments and sensitive faculties have been targeted by cyber criminals and enemy states. Incidences of cyber espionage against India have increased a lot.

Naturally, India needs a skilled ethical hacking workforce that can ward off such cyber threats. Cyber skills development in India has, therefore, gained importance and demand for skilled workforce in fields like cyber security, cyber forensics, cyber law, etc has increased globally.

These fields are techno legal in nature that required a thorough understanding of both technical and legal aspects at the same time. Neither technical nor legal knowledge in itself is sufficient. Techno legal e-learning courses in India need to be developed to meet the techno legal demands of India.

Ethical hacking trainings and courses in India need to be developed on techno legal lines. Similarly, ethical hacking training institutes in India must also ensure that the trainings provided by them are techno legal in nature. Further, ethical hacking training providers in India must also ensure that they provide only practical trainings and courses whose main aim should be to develop techno legal skills.

Ethical hacking skills development in India is not an easy task. The amalgamation of technology and law is not easy to teach. It is even more difficult to practically apply these techno legal principles in real life. At Perry4Law Techno Legal Base (PTLB) we understand these issues and are providing the exclusive techno legal ethical hacking trainings and courses in India. Other techno legal courses are also provided by PTLB that covers areas like cyber law, cyber forensics, cyber security, etc. PTLB is also managing the exclusive techno legal ethical hacking software and tools repository in India.

PTLB e-learning platform is providing ethical hacking training and courses in India among various other techno legal courses, trainings, educations and skills development initiatives. We hope these initiatives of PTLB would be useful for all the stakeholders.

Saturday, December 24, 2011

Financial Frauds And IT Crimes In Indian Companies Is Increasing

Financial frauds and cyber crimes have plagued Indian corporate sector. IT and cyber frauds in Indian companies has increased a lot. Corporate IT frauds and cyber crime investigations in India have also increased. This has also necessitated cyber due diligence for Indian companies.

White collar crimes and financial frauds are increasing in India. By its very nature these high profile crimes affect corporate sector. Indian companies are also facing increased corporate frauds, financial frauds, white color crimes and technological frauds.

With growing dependence upon information and communication technology (ICT) for various corporate functions, corporate systems and corporate assets are exposed to diverse forms of cyber attacks. Further, data privacy laws in India, data protection laws in India, privacy laws in India, etc have further added responsibilities for corporate sector of India.

Further, companies in India are also required to follow cyber law due diligence in India and cyber security due diligence in India. However, absence of techno legal cyber skills and cyber crimes investigation trainings in India, technology related crimes and cyber crimes have increased in India. Companies in India are facing growing threats from malware attacks, phishing attacks, ATM frauds, online banking threats, trading fraud, etc.

Clearly, Indian companies are not prepared to deal with these sophisticated technology crimes and organised crimes. Recently the companies bill 2011 has been tabled in lok sabha that carries few reformatory provisions in this regard. It was planned to give more powers to serious frauds investigation office (SFIO) of India. Under the proposed companies bill 2011, SFIO has been given a statutory recognition. This is a good step as it would help in curbing corporate frauds in India.

Perry4Law and Perry4Law Techno Legal Base (PTLB) strongly recommend that it is high time for Indian companies to take care of the cyber due diligence and cyber security due diligence requirements under various laws of India. These due diligence requirements are essential part of overall audit strategy of each company. The sooner cyber law and cyber security are taken seriously by Indian companies the better it would be for the larger interest of all stakeholders.

Friday, December 23, 2011

Corporate IT Frauds And Cyber Crimes Investigation In India

Corporate frauds and crimes have taken a new shape in the present information technology age. Data theft, privacy violations, intellectual property rights (IPRs) violation, trade secrets theft, financial frauds, etc have also increased in the corporate sector of India. Even white collar crimes and organised crimes have increased a lot.

Clearly, IT and cyber frauds in Indian companies have increased a lot. These frauds have necessitated cyber due diligence for Indian companies. Further, these IT frauds and corporate cyber crimes have necessitated for their timely and proper investigation. Corporate laws of India must be suitable amended to address these issues in India.

There are multiple investigation agencies in India depending upon the nature of the wrong or crime. Corporate frauds and corporate cyber crimes can be prosecuted at the administrative level or in civil and criminal courts.

Investigation of corporate IT frauds and corporate cyber crimes is a complicated process that requires techno legal training and expertise. These offences require a good working knowledge of both technical and legal knowledge.

Cyber crime investigation methods in India are still maturing. There are very few cyber crime investigators in India that can investigate a cyber crime in techno legal manner. Cyber crime investigation training in India is urgently required so that more such investigators can be produced. With growing cases of corporate IT frauds and corporate cyber crimes, the demand for such cyber crime investigators in India is going to increase.

Perry4Law and Perry4Law Techno Legal Base (PTLB) are providing world renowned and exclusive techno legal trainings to various stakeholders. Some of the areas covered by PTLB are cyber due diligence training in India, cyber forensics trainings in India, cyber security training in India, corporate IT frauds prevention training in India, cyber crime investigation training in India, etc.

Recently, corporate frauds like Satyam fraud, Citibank fraud at Gurgaon, etc came to the light in India. More such frauds may be possible in near future. Realising the gravity of the situation, Indian government decided to further strengthen the powers of serious frauds investigation office (SFIO) of India. The proposed companies bill 2011 has also decided to grant a statutory recognition to SFIO so that corporate frauds can be effectively tackled. Further, corporate and banking laws in India are in the process of being strengthened.

This is a good decision. However, SFIO must develop techno legal expertise to effectively tackle the growing cases of corporate IT frauds and corporate cyber crimes in India. SFIO should immediately start developing techno legal capabilities so that we have a strong and effective authority that can not only deter corporate IT frauds but can also successfully prosecute and punish them. Perry4Law and PTLB would extend their techno legal expertise in this regard if requested by SFIO or any other law enforcement agency or other agency of Indian government.

Cyber Due Diligence For Indian Companies

Cyber due diligence in India has finally arrived in India. The information technology act, 2000 (IT Act 2000) is the sole cyber law of India. IT Act 2000 prescribes cyber due diligence requirements on the part of various stakeholders like banks, companies, individuals, Internet intermediaries, e-commerce sites, etc.

However, till now cyber due diligence in India has not been taken seriously. This is so because cyber law awareness is not very good among various stakeholders. Similarly, civil and criminal prosecutions for lack of cyber due diligence in India is a rare phenomenon. Since ignorance of law if no excuse, in future cases for lack of cyber due diligence would increase in India.

IT and cyber frauds in Indian companies is increasing these days. However, a majority of Indian companies are not performing cyber due diligence in India. The companies in India are required to follow cyber law due diligence in India and cyber security due diligence in India. In the absence of proper due diligence these companies may find themselves in trouble.

Social media laws in India and social networking laws in India would bring their own share of cyber due diligence. Cyber law on social media and networking sites in India is pretty stringent and employees of a company may violate the same intentionally or unintentionally. Internet intermediary law in India and cyber due diligence cannot be taken lightly in India anymore.

Another sector that is urgently demanding cyber due diligence is banking industry of India. Cyber due diligence for banks in India is long due. Banks and companies in India are facing growing threats from malware attacks, phishing attacks, ATM frauds, online banking threats, trading fraud, etc. If a bank cannot show that it performed cyber due diligence and such cyber frauds and cyber crimes occurred without its negligence, it may be required to bear the financial loss. Presently Indian banks are not complying with cyber law due diligence requirements in India.

Finally, the scope and use of e-discovery in India is also increasing. Whether it is a corporate investigation, civil suit or criminal proceedings, e-discovery is playing a decisive role world over. Further, e-discovery laws and practices in India are developing as well. Even e-discovery related litigation, LPO and KPO services in India are growing.

Perry4Law and Perry4Law Techno Legal Base (PTLB) strongly recommend that cyber due diligence training in India needs to be developed so that cyber due diligence compliances by various stakeholders is possible. This training should be a regular and integral part of the corporate strategy of each company. There is no escape from cyber due diligence in India and companies must accept this reality as soon as possible.