Sunday, September 25, 2011

National Cyber Security Policy Of India

The recent cyber attacks upon India have proved once again that we need to pay more attention to cyber security in India. Cyber security in India is required not only to protect sensitive information stored in the computers of strategic Indian departments and ministries but also to safeguard the present and future critical infrastructure of India.

Not only critical infrastructure protection in India is needed but also critical ICT infrastructure protection in India (CIIP in India) is need of the hour. CIIP in India is an area that requires urgent attention of our policy makers. We must formulate a critical ICT infrastructure protection policy of India as soon as possible.

Similarly, cyberspace crisis management plan of India is also required to be formulated. We must formulate a national ICT crisis management plan of India. Further, Indian crisis management plan against cyber attacks and cyber terrorism must also be formulated.

All these, and many more, aspects must be made a part of the cyber security policy of India. A national cyber security policy of India must be formulated in this regard that is made implementable after a reasonable period. Issues like cyber warfare, cyber terrorism, cyber espionage, international cyber security cooperation, etc must be part of the same.

We need a clear and implementable cyber security strategy of India. The cyber security policy and strategy of India must be techno legal in nature that can take care of both technical and legal aspects of cyber security.

There is no second opinion that national security policy of India is required and cyber security is an essential and indispensable part of the same. The sooner we formulate and adopt the same the better it would be for the larger interests of India.

Thursday, September 15, 2011

Intelligence Community, Social Media And Open Source Intelligence

Intelligence Community has been engaged in “Intelligence Gathering Activities” for long. This may be covert or overt, technological or non technological, legal or illegal and so on. But this gathering exercise was there and it is going to be there in future as well.

However, modern practice of Intelligence Gathering is crucially different from traditional practices. Traditional Intelligence Gathering was more on the side of Human Intelligence (HUMINT) whereas the contemporary one is based more upon Information and Communication Technology (ICT).

As far as Technological Intelligence Gathering is concerned, Social Media is a “Favourite Destination” for Intelligence and Security Agencies. Social Media is a favourite destination because it is a “Gold Mine” of valuable and voluntary information available for ready reference. Social Media also provides the best platform for Open Source Intelligence (OSINT)

Social Media also, in majority of cases, provides a “Legally Obtainable” and “Legally Relevant” Evidence. Since the “Information” or “Evidence” is available “Openly” and to “Public at Large” and in a “Non Confidential” manner, generally any such acquired Information or Evidence can be “Relied Upon” in a Court of Law. However, “Admissibility” of such Evidence is subject to the “Discretion” of the Court and well established “Legal Principles”.

Besides Intelligence Agencies, Military Forces are also using Social Media to gain Information relevant to their uses. Military and Intelligence Agencies have been using “Fake Profiles” to get such Information. The aim may be to get a “Predictive Behaviour or Trend” or to obtain any other Information that is of “Strategic Importance”.

Getting Information from Social Media requires good Communication and Data Mining Skills. However, while doing so, one must not violate any Civil Liberties or Laws Protecting such Information. Although many countries have Social Media Laws, we have no dedicated Social Media Laws in India. Even we do not have any Social Media Policy of India.

Social Networking Laws in India are urgently required. To start with, we must have a Social Networking Policy of India. Open Source Intelligence through Social Media Platforms would raise a number of Techno Legal Issues, especially Civil Liberty Issues. For instance, questions like what constitutes “Public Data”, how can a Person Legally obtains Data, what is the “Relevancy” of such Information/Data, how the “Admissibility” of such Information/Data would be decided, etc would be asked.

Similarly, Privacy Issues, Speech and Expression Issues, scope and nature of E-Surveillance, etc would also be required to be resolved in future. This is a new field for both Law makers and Law Enforcers and needs an “Urgent Attention” of Parliament of India.

Sunday, September 11, 2011

The Obvious But Unsolvable Terrorism Dilemma Of India

A very unfortunate “Terrorism Trend” in India for the past decade makes it clear that Terrorists are attacking in India at will, they are “neither Deterred nor Traceable” and they are using Information and Communication Technology (ICT) in a manner that is much more sophisticated than the “Intelligence Capabilities” of Indian Agencies.

Naturally, every time a Terrorism Attack occurs in India, India looks towards United States (US) for “Leads and Help”. This is a very “Dangerous Trend” as Terrorist have realised very well that India cannot do anything to “Prevent and Solve” such Terrorists Attacks.

This is also the reason why India is facing “Similar Terrorists Attacks” again and again. This simply means that Intelligence Infrastructure of India is in “Big Mess”. There is no second opinion about the fact that Intelligence Infrastructure of India needs “Urgent Rejuvenation”.

The National Intelligence Grid (NATGRID) Project of India is one such “Ambitious Project” that can help in strengthening the Intelligence Infrastructure of India. However, Legal, Administrative and Bureaucratic issues have crippled its “Implementation” in India.

Even the National Counter Terrorism Centre (NCTC) Of India is required provided it takes care of Legal and Constitutional Issues. The problem with Projects like NATGRID and NCTC is that the Intelligence Agencies of India are beyond Parliamentary Oversight. Intelligence is a crucial work of “National Importance” but it cannot be a reason for Lack of Parliamentary Oversight and Non Accountability.

I think India needs to develop Techno Legal Intelligence Capabilities to fight against Terrorism and Cyber Terrorism. India must not only abdicate its Myopic Vision vis-à-vis Terrorism but must also actively use Technology to fight Terrorism in India. A Centralised ICT Control System for Intelligence in India can be really helpful.

Since Electronic Warfare, Cyber Terrorism and Cyber Espionage are going to increase in future, it is always beneficial for India to invest in areas like Signal Intelligence (SIGINT), Cyber Warfare Capabilities, Open Source Intelligence (OSINT), etc.

Indian officials are taking help from the foreign Agencies once more to analyse data relating to SIGINT, Communication Intercepts, movement of known terrorists and their front operatives during the past few weeks, etc. While taking help of Foreign Agencies is not wrong but it is a “Dangerous Trend” if such help taking becomes a “Routine” as is happening in case of India.

Time has come for the Indian Government in general and Home Ministry of India in particular to consider these issues “Seriously” and come up with “Effective Projects and Methods” that can save precious lives of Indian Citizens from Terrorist Attacks.

Saturday, September 10, 2011

NATO Requests Cyber Security Cooperation From India

In the absence of international cyber crimes treaty and international cyber security treaty, the next best thing is to have mutual cooperation between various countries. However, nothing can benefit more than an international cyber security cooperation that is urgently required.

In the absence of international harmonisation, the concept like cyber warfare still haunts the international community. This is also the main reason for blame game for various cyber attacks. However, mere suspicion or blame without actual authorship attribution for cyber attacks can produce only insignificantly beneficial results.

Recently India and US had signed a cyber security cooperation agreement. Now North Atlantic Treaty Organisation (NATO) has sought stronger cooperation with India to counter growing cyber threats, particularly emanating from China. Top NATO officials listed cyber security very high on the list of possible areas of cooperation, which included counter-terrorism, missile defence and anti-piracy operations.

"The cyber world does not recognise alignments. It only understands switches," said a top NATO official during a briefing to visiting Indian journalists, while making a strong pitch for joint efforts to combat cyber threats.

The NATO official made this remark in context of India's sensitivity against military alliances and its commitment to non-alignment. He suggested this could be a functional alignment in which both sides could give and take.

"India has an advanced cyber and IT industry and is very strong in cyber issues", he said, hinting that India and NATO can cooperate in this field. Democracies face challenges that are common. As democracies we can have a dialogue, as we deal with issues differently... We need to work together, because individually we cannot. It is better to deal with such issues commonly than deal with them individually."

He added that even though the threats were different, the nature of our responses could be similar, while seeing India as a strong partner with NATO on various issues. Though he did not mention any of India's neighbours from where the cyber attack challenge came, he hinted at China from where such threats had come in the recent past.

Seeking a partnership on matters relating to cyber security, the official pointed out that India and NATO had already reached at a tactical level understanding in dealing with piracy and shared a strategic level understanding in countering terrorism. Incidentally, in July this year some anonymous hackers had targeted NATO in a cyber attack and it decided recently to create a special task force to detect and respond to such attacks by beefing up its cyber defence network. While the United States has already signed a cyber security collaboration with India this July, the 28-nation political and military alliance is of the view that it can collaborate with it in protecting its cyber systems. NATO's 2010 Summit in Lisbon also recognised the growing threat of cyber attacks and sought to ally with partner nations to step its cyber security.

Friday, September 9, 2011

Council of Europe’s Draft Resolution On Abuse Of State Secrecy And National Security

National Security and National Secrets are two of the most common “Excuses” given by the Nations to bypass Constitutional and Human Rights Protections. Civil Liberties are blatantly violated under the garb of exercising powers under these two issues.

India is no exception to this rule as Laws like Indian Telegraph Act, 1885, Official Secrets Act, 1923 etc are frequently used in clear contraventions of Constitution of India, Right to Information Act, 2005 and similar Laws.

Unconstitutional Phone Tapping is the example of former Law whereas Non Disclosure of relevant and essential information under an RTI Application is the example of latter. Even the Supreme Court of India has shown its “Displeasure” with both the Laws.

While “Guidelines” for prevention of “Unauthorised Phone Tapping” have been provided by Supreme Court to cover the deficiencies of the former Law, yet it has suggested “Repealing” of the latter. However, Indian Parliament is least bothered about formulating “Essential Laws” and the Executive has made India an “Endemic E-Surveillance Society”.

This E-Surveillance Model of Indian Government is just “Harassing” the law Abiding Citizens of India and Cyber Criminals and Terrorists are still successfully giving effect to their nefarious activities. It is high time for the Indian Supreme Court to take note of this “Constitutional Anomaly”.

The Council of Europe has released a Resolution titled “Abuse of State Secrecy and National Security: Obstacles to Parliamentary and Judicial Scrutiny of Human Rights Violations”. It reads as follows:

1. The Assembly considers that judicial and parliamentary scrutiny of government and its agents is of vital importance for the rule of law and democracy. This also applies especially to so-called special services whose activities are usually kept secret. Security and intelligence services, the need for which cannot be put into doubt, must nonetheless not become a “state within the state”, exempted from accountability for their actions. Such lack of accountability leads to a dangerous culture of impunity, which undermines the very foundations of democratic institutions.

2. In combating terrorism, governments are increasingly invoking “state secrecy” or “national security” in order to ward off parliamentary or judicial scrutiny of their actions.

3. In some countries, in particular the United States, the notion of state secrecy is used to shield agents of the executive from prosecution for serious criminal offences such as abduction and torture, or to stop victims from suing for compensation. The United States also refused to co-operate, in particular, with the judicial authorities of Germany, Lithuania and Poland in the criminal investigations launched in those countries in view of numerous elements of proof of abductions, secret detentions and illegal transfers of detainees (see Resolution 1507 and Recommendation 1754 (2006) and Resolution 1562 and Recommendation 1801 (2007) of the Assembly).

4. The Assembly recognises the need for states to ensure effective protection of secrets affecting national security. But it considers that information concerning the responsibility of state agents who have committed serious human rights violations, such as murder, enforced disappearance, torture or abduction, should not be subject to secrecy provisions. Such information should not be shielded from judicial or parliamentary scrutiny under the guise of “state secrecy”.

5. The Assembly believes that there is no reason why judicial and parliamentary institutions should be less trusted than state executive bodies and their agents where the protection of legitimate secrets is concerned. As Canada demonstrated in the Maher Arar case, it is possible to put in place special procedures for the supervision of the activities of the special services guaranteeing both the adequate protection of legitimate state secrets and the protection of fundamental rights and freedoms.

6. Parliamentary supervision of the security and intelligence services, both civilian and military, is either non-existent or grossly inadequate in many Council of Europe member states. The permanent or ad hoc parliamentary commissions set up in several countries to oversee the activities of the secret services are hampered by a lack of information, which is under the exclusive control of the executive itself, and most often of a very small circle within the latter.

7. The Assembly welcomes the growing co-operation between different countries’ secret services, which constitutes an indispensible tool to confront the worst forms of organised crime and terrorism. This international co-operation should, however, be accompanied by equivalent co-operation between oversight bodies. It is unacceptable that activities affecting several countries should escape scrutiny because the services concerned in each country invoke the need to protect future co-operation with their foreign partners to justify the refusal to inform their respective oversight bodies.

8. The media play a vital role in the functioning of democratic institutions, in particular by investigating and publicly denouncing unlawful acts committed by state agents, including members of the secret services. They rely heavily on the co-operation of “whistleblowers” within the services of the State. The Assembly reiterates its calls for adequate protection for journalists and their sources (Recommendation 1950 (2011) and for “whistleblowers” (Resolution 1729 and Recommendation 1916 (2010)).

9. The Assembly can only welcome the publication, in particular via the “Wikileaks” site, of numerous diplomatic reports confirming the truth of the allegations of secret detentions and illegal transfers of detainees published by the Assembly in 2006 and 2007. It is essential that such disclosures are made in such a way as to respect the personal safety of informers, human intelligence sources and secret service personnel. The appearances of such websites is also the consequence of insufficient information made available and a worrying lack of transparence of Governments.

10. In some circumstances, in particular in the framework of the fight against terrorism, measures restricting freedom and violating fundamental rights are taken against suspect individuals who are not even informed of the – “secret” – grounds for suspicion on which these measures are based and do not have the possibility to seize an independent complaints mechanism. The Assembly reiterates its appeal in Resolution 1597 (2008) to the competent United Nations and European Union bodies to reform the “blacklisting” procedures, putting an end to such arbitrary methods and putting into place mechanisms that are both effective and respectful of the rule of law in order to neutralise persons suspected of supporting terrorism.

11. With regard to judicial inquiries, the Assembly:

11.1. welcomes the inquiries conducted professionally by the competent German and Italian authorities, which have shed considerable light on the abductions of Khaled El-Masri and Abu Omar;

11.2. welcomes the friendly settlements reached by the British authorities with the alleged victims of abuses committed by the British services and urges all interested parties to agree immediately on a framework satisfying the requirements of the European Convention on Human Rights regarding the duty to investigate allegations of torture for the special inquiry under the aegis of Sir Peter Gibson announced by the Prime Minister in July 2010;

11.3. urges the Lithuanian, Polish, Portuguese and Spanish prosecuting authorities to persevere in seeking to establish the truth about the allegations of secret CIA detentions and urges the American authorities to cooperate with them;

11.4. calls on the Romanian judicial authorities and those of “the former Yugoslav Republic of Macedonia” to finally initiate serious investigations following the detailed allegations of abductions and secret detentions in respect of those two countries, and on the American authorities to provide without further delay the judicial assistance requested by the prosecuting authorities of the European countries concerned;

12. With regard to parliamentary inquiries, the Assembly:

12.1. welcomes the determination of many members of the commission of the German Bundestag responsible for investigating the alleged involvement of the German services in CIA actions, while regretting that the government persisted in withholding the information requested by the commission, to the point that the Federal Constitutional Court, following an application by the opposition representatives, was forced to censure the government’s behaviour; deplores, however, that the end of the legislature did not allow for the commission’s work to continue after the judgment, as it was dissolved and not reconstituted;

12.2. welcomes the inquiry by the national security and defence committee of the Lithuanian Seimas which established the existence of two CIA secret detention centres on Lithuanian territory, while noting that the inquiry was unable to establish whether people had actually been detained and illtreated in those places, and whether Lithuanian senior officials were aware of the CIA actions in collaboration with agents of the Lithuanian secret service (SSD);

12.3. welcomes the untiring efforts of the All Party Parliamentary Group to establish the truth about the involvement of the British authorities in cases of illegal transfers of detainees concerning the United Kingdom;

12.4. Deplores that the Polish and Romanian parliaments confined themselves to inquiries, whose main purpose seems to have been to defend the official position of the national authorities;

12.5. Is surprised that the parliament of “the former Yugoslav Republic of Macedonia” considered it unnecessary to launch an inquiry into the El-Masri case, in the light of the clear findings of the European and German inquiries on this subject.

13. With regard to procedures for monitoring the secret services in general, the Assembly calls on Council of Europe member and observer states still lacking equivalent bodies to set up:

13.1. A parliamentary mechanism for monitoring the secret services, while ensuring that it has sufficient access to all the information needed to discharge its functions whilst respecting a procedure which protects legitimate secrets;

13.2. Special procedures so that legitimately secret information can be handled without endangering state security in criminal or civil proceedings concerning the activities of special services;

13.3. An adversarial procedure before a body allowed unrestricted access to all information to decide, in the context of a judicial or parliamentary review procedure, on whether or not to publish information which the government wishes to remain confidential.

14. With regard to international co-operation between oversight bodies, the Assembly calls on parliaments participating in the development of the future “Network of European expertise relating to parliamentary oversight of security and intelligence services” to consider widening the terms of reference of the future network and the range of participants in order to make it an effective instrument of co-operation between the competent bodies of all Council of Europe member and observer states, making it possible to remedy the shortcomings in parliamentary oversight resulting from increased international co-operation between the services in question.

[ See the Report (PDF) for all points]

50. Finally, the fundamental role played by whistleblowers must not be forgotten. Their importance of their contribution is in fact proportionate to the extent that secrecy is still imposed. It is not exaggerated that, still today – and in some cases even more so than in the past – we are confronted with a real cult of secrecy; secrecy as an instrument of power, as Hannah Arendt reminds us in the citation at the very beginning of this report. It is therefore justified to say that whistleblowers play a key role in a democratic society and that they contribute to making up the existing deficit of transparency. We said so before: the Assembly’s reports of 2006 and 2007 and, more recently, the revelations concerning “black sites” in Lithuania are due to a large extent to honest officials who, for ethical reasons and taking great risks, could not and would not take part any longer in illegal activities or cover them up by remaining silent. In this connection, we should also remember Bradley Manning, the young American soldier accused of providing Wikileaks with a large number of confidential documents. High-ranking American officials and numerous voices of international public opinion have expressed indignation at the inhuman and degrading treatment which Mr Manning is said to have undergone. It will be up to the courts to judge. But we cannot ignore that according to the very accusations made against him we are indebted to him for the publication both of a recording of a helicopter attack in Iraq, in which the crew seems to have intentionally targeted and killed civilians. The video recording seemingly indicates a deliberate criminal act which deserves at least an investigation, which, without this indiscretion, would have never been requested. This is a classic example of an illegitimate secret. In addition, the publication of a large number of embassy reports has allowed us to learn significant details of important recent events and which are obviously of general interest. We must not forget either that these publications have brought numerous confirmations of findings included in the Assembly’s reports of 2006 and 2007 on the CIA flights and secret prisons. All those who at the time called for “proof, proof!” have in any case been well served.

This is a good step in right direction and I hope India would also deal with the issues mentioned in this Resolution very soon.

Wednesday, September 7, 2011

Cyber Warfare’s Concept Still Haunts International Community

If we do not have an “Internationally Acceptable Definition” and “Legal Framework” for concepts like Cyber Law, Cyber Security, Cyber Forensics, Cyber Warfare, Cyber Terrorism, Cyber Espionage, etc, “Dissatisfaction and Chaos” is bound to occur. Thus, International Harmonisation of Legal Framework in these fields is “Urgently Required”.

This is more so when Information and Communication Technology (ICT) has empowered the Individuals with Powers and Capabilities that are far beyond contemplation in traditional Warfare. So there are no “Parallels and Comparison” between Traditional Warfare and Cyber Warfare in that sense. Traditionally you could not visualise or imagine an Individual to raise a War against a Nation but the modern Individual is “Capable” of launching Cyber Warfare if he/she has enough “Knowledge and Resources”.

Further, the lack of "Definition" and a "Harmonised Legal Framework" at International Level that can deal with an Act or Omission of an Individual, Organisation or Government Sponsored Institution are also “Big Hurdles” in dealing with Cyberspace issues at the International Level.

Till now we have no “Universally Acceptable” Cyber Crimes and Cyber Security Treaty or Convention. Further, we also do not have any International Legal Framework to deal with Cyber Espionage, Cyber Terrorism and Cyber Warfare. Till United Nations (UN) steps in and enacts “Universally Acceptable” International Cyber Law Treaty and International Cyber Security Treaty, this problem would remain murky and difficult to resolve.

Take the example of various Cyber Attacks and Cyber Espionage cases at the Country Level. In the majority of cases the blame for the same is put upon China. Not only China has been “Denying” the same but now China has been claiming to be a “Victim” of such Cyber Attacks itself.

We could keep on blaming China or some other Country as a “Rouge State” for various Cyber Attacks but beyond that we cannot do anything. Even we cannot "Prove with Certainty" that the Cyber Attacks were launched from China or any other Country. The Internet Protocol (IP) Addresses may “Point” to a particular Jurisdiction, but to prove the guilt of the same Jurisdiction “Conclusively” is a totally different Challenge.

Till International Cooperation in the fields like Cyber Law and Cyber Security are achieved, the Blame Game can go on forever with little benefits. However, International Legal Frameworks for Cyber Law, Cyber Security and Cyber Forensics are very difficult to achieve. Nonetheless they are “Absolutely Required” and the more we delay them the greater are the chances of “Global Cyberspace Unrest”.

Monday, September 5, 2011

Electronic Service Delivery Policy Of India

Electronic Delivery of Services can ensure Transparency, Effectiveness and Accountability. Further. It can also significantly reduce Corruption that is widely prevalent in Indian Governmental dealings. Unfortunately, India has no mandatory E-Governance Services Legal Framework.

Indian Government, on one pretext or other, has “Ignored” this much needed requirement for decades. For instance, the Information Technology Act 2000 (IT Act 2000) was enacted in the year 2000 still the Law has the “Disabling Provision” that is preventing implementation of Electronic Delivery of Services in India.

The IT Act 2000 says that none can insist that services should be delivered in an “Electronic Form”. This practically means that despite the IT Act 2000, Indian Government has “No Intentions” to “Legally Empower” its Citizens through Electronic Delivery of Services.

Like in the past, once again the World Bank has given a huge loan to Indian government to ensure a Policy for Electronic Delivery of Services in India. However, this loan itself is based upon a “Wrong Premise” that restricts the obligations to formulate “Policy Alone” in this crucial field. The loan should have been tied up with a Sound and Effective Electronic Delivery of Services Legal Framework in India.

To justify usage of this loan amount, a bill for Electronic Services Delivery in India has been proposed. However, the proposed Draft Electronic Services Delivery Bill 2011 “failed” to provide Mandatory E-Governance Services in India. In fact, the proposed EDS Bill 2011 has been criticised by many in India.

The “Biggest Shortcoming” of the proposed Bill is that it is “Not Mandatory” upon States and various Stakeholders. “Too much Discretion” is available to States to deny the possible benefits of Electronic Delivery of Services to Indian Citizens. In short, although in “Form” it is an effort to justify the loan yet in “Substance” it has little “Positive Benefits” for Indian Citizens.

Let us start with an Electronic Delivery of Services Policy of India and then proceed forward for a Legal Framework in this regard. If we start with the objective of “Exclusion” rather than “Inclusion”, not much can be expected from any such initiative.

Sunday, September 4, 2011

Social Media Laws In India

Social media includes social networking sites, blogs, forums, wikis, etc. Social media is growingly seen as a medium to connect with millions of professionals, friends and like minded individuals and organisations.

India is also witnessing a growing revolution of information and communication technology (ICT) and social media usage. However, till now we have no social media policy in India. Even we do not have dedicated social networking laws in India that can take care of the misuses of social platforms.

However, the framework and guidelines for use of social media for government organisations has been recently suggested by department of information technology. Theses guidelines provide an Indian social media framework for governmental departments and organisations that employees of these organisations must follow.

Perry4Law and Perry4Law Techno Legal Base (PTLB) strongly recommend that Indian government must enact strong and effective social media laws, e-governance laws and e-commerce laws in India. These three fields are going to assume centre stage in the near future and their regulation by Indian government would be required.

Till now India has enacted a single technology law in the form of information technology act 2000 (IT Act 2000). It has tried to cover all the three issues but not with great success. This is so because these three fields are very vast and require a different treatment and separate law. Perry4Law and PTLB strongly recommend enacting suitable laws in this regard.

E-Commerce Laws In India

Electronic commerce in India (E-commerce in India) has slowly and steadily entered the Indian market. Toady from tickets booking to purchasing of good and services, everything happens in an online environment.

Of course, where commercial transactions occur, disputes and differences are bound to occur. To prevent and resolve these disputes we need norms, regulations and laws that are acceptable to all the stakeholders.

The e-commerce law of India is primarily incorporated in the information technology act, 2000 (IT Act 2000) that takes cares of legal obligations of both sellers and buyers of good and services in cyberspace.

The IT Act 2000 prescribes rules and norms for online contract formulation. The traditional concepts of offer, acceptance etc, as applicable under the contractual laws, have also been covered by the IT Act 2000. The only difference is that they have been customised as per the requirements of cyberspace.

However, e-commerce transactions and contracts also attract certain additional legal liabilities that e-commerce players in India are not very much aware. For instance, very few e-commerce players in India are aware that they are “intermediaries” within the meaning of IT Act 2000.

Further, other laws, including intellectual property laws, make these e-commerce players labile for civil and criminal actions. For instance, these e-commerce players can be held liable for online infringement of copyright in India of the copyright owners.

Similarly, if any person posts an offending material at the e-commerce site or otherwise deal with the e-commerce site in an illegal manner, the e-commerce site owner may find himself in trouble.

Cyber law due diligence in India is one aspect that all e-commerce site owners must frequently engage in. The present laws of India are stringent in nature and subsequently claiming ignorance of such laws would not make much difference.

Perry4Law and Perry4Law Techno Legal Base (PTLB) strongly recommend that before opening an e-commerce site or business, the owner of the same must consult a good techno legal law firm that can advice him upon all the possible and applicable aspect of e-commerce laws in India.

Saturday, September 3, 2011

Social Networking Laws In India

Social networking in India has increased tremendously. This has also given rise to many legal issues as well. Most of these legal issues are related to online acts or omissions that are resulting in giving rise to civil and criminal liabilities.

Laws ranging from intellectual property rights (IPRs) to information technology laws are applicable to social networking acts or omissions in India. The growing demands for cyber due diligence in India has further necessitated for adopting of a sound social networking policy in India by various stakeholders.

Social networking media is an “intermediary” within the meaning of Indian information technology act 2000 (IT Act 2000). Thus social networking sites in India are liable for various acts or omissions that are punishable under the laws of India. For instance, social networking sites are liable for online IPRs violations, including online copyright violations in India.

Although we have no law on the lines of online copyright infringement liability limitation Act (OCILLA) of United States yet the “safe harbour” provisions protecting intermediaries are not available under certain conditions as per Indian laws. Social networking sites must be aware of these limitations while operating in India.

At Perry4Law and Perry4Law Techno Legal Base (PTLB) we have been spreading public awareness about social networking issues in general and cyber laws in particular. We hope that social networking sites would be cautious while operating in India.

Social Media Policy Of India

Social media is playing an important role these days. Educated citizens are freely and openly airing their views on social media platforms. Many times such views are critical in nature that point to the shortcomings of governmental polices and functioning.

Obviously, governments cannot afford to take such criticisms casually. This is the reason why many countries have social media policy at place. India has no social media policy for governmental departments and its employees. Still many governmental employees are using various social platforms to express their views.

For the first time, a social media framework and guidelines for Indian government organisations has been suggested. However, keeping in mind the past record of Indian government, this may be another proposal that would not be fulfilled.

However, Indian government cannot take the social media policy casually. Information and communication technology has changed the way we communicate and share information. Social media is disruptive and potentially revolutionary in nature because it can connect large numbers of people with relative ease. Thus, it becomes important for the governments to have a separate social media wing that can communicate with its citizens in a timely and friendly manner.

The aim of any future social media policy of India must be to put citizens firmly at the centre of government service delivery and information distribution. Social media technologies can support this aim because they are intrinsically about dialogue and engagement within and between individuals and communities.

Perry4Law and Perry4Law Techno Legal Base (PTLB) have already started initiatives that can rejuvenate citizen to government (C2G) participation in India. In fact, Perry4Law and PTLB have already started the exclusive C2G LPO and KPO services in India.

We hope that sooner we would have an Indian social media policy that can cater the requirements of Indian citizens in the best possible manner.

Framework And Guidelines For Use Of Social Media For Government Organisations

The recent agitation and public outcry for the passing of Jan Lokpal Bill of India 2011 has shown the power of “Collective”. Indian Government has realised that “Collective Wisdom” and “Strength of Public” cannot be Controlled or Suppressed.

Now it is also clear that mere “Promises” and “Proposals” would not fool Indian Citizens any more and “Actual Implementation” would be “Forced” upon the Indian Government if it keeps on linger implementation of the same for long.

Although proposals for including the Citizens of India within the fold of “Decision Making” was mooted previously as well, but they were merely “Proposals” with no actual implementation. Till now we have no Legal Framework or Regulation that can Empower Citizens to “Participate” in Decision Making process and the same proved to be a “Political Gimmick” only.

Similarly, proposals regarding providing of Electronic Delivery of Services to Indian Citizens were given from time to time, but the ultimate Draft Electronic Delivery of Services Bill, 2011 proved to be a “Mockery” of this Principle. The ultimate EDS Bill 2011 proved nothing more than “Legal Jargon” with no actual “Empowerment” of Indian Citizens.

Now Indian Government has come up with another “Proposal” that may or may not receive the same fate as has been faced by Citizen’s Participation and Electronic Delivery of Services initiatives of Indian Government. A new Framework for use of Social Media by Governmental Organisations has been suggested by the Department of Information Technology (DIT).

This is not the first time that any such Framework has been suggested by any country. Other countries have already suggested such Framework but they are actually implementing the same. Can India implement the same is the big question and only time would answer that question.

Friday, September 2, 2011

Now Home Ministry Of India Is Opposing UIDAI

The unique identification project of India (UID project of India) or Aadhar project of India is one of the projects that are openly violating the provisions of Indian constitution. Techno legal experts of India have even declared Aadhar project of India as illegal and unconstitutional.

Even on the non legal side, Aadhar project is not supported by any project analysis and management. Hard earned public money is literally wasted by Indian government without any parliamentary oversight. Surprisingly, the unique identification authority of India (UIDAI), led by Nandan Nilekani, is openly operating to the great detriment of Indian constitution and civil liberties.

Now even the Home Ministry of India has raised concerns that a fresh proposal of the UIDAI to independently collect biometric details could lead to duplication of effort and lead to wastage of public funds.

The Cabinet had earlier mandated the census commissioner to create the national population register (NPR), a biometrics-based identity system. This required the census commissioner to create a data-base of all residents through door-to-door enumeration and pass this database to UIDAI that will take care of duplication and issue number of each unique resident.

In a proposal set to come up before the Cabinet soon, the UIDAI had asked for over Rs.14, 840 crore to fund the authority's effort to independently create its own database of all residents over five years. Asked, home minister P Chidambaram said the UIDAI had been given permission by the Cabinet to collect biometrics of a limited number of cases till the NPR was completed.

"Now I think UIDAI is bringing paper to the Cabinet Committee of UID. The home ministry, the Planning Commission and others have given their comments," Chidambaram said, adding that no decision had been taken so far by the Cabinet Committee. "When the Cabinet Committee takes a decision, I will tell you what the decision is," he said.

Government officials said the census commission has already completed the task of collecting forms from all residents. So far, biometrics of 30 lakh people have been captured, the home minister announced in his monthly report to the people. Officials said the law did not permit them to use the data collected by the UID for its NPR.

CCTNS Project Of India To Be Launched Shortly

Crime and Criminal Tracking Network and Systems (CCTNS) Project Of India (CCTNS Project of India) is a serious effort on the part of Home Ministry of India to modernise the law enforcement functions in India. Although the modernisation efforts are in the pipeline yet they have not still matured fully.

At Perry4Law and Perry4Law Techno Legal Base (PTLB) we believe that cyber police reforms in India are urgently required. However, there is a void that has to be filled by Home Ministry before India can have a capable techno legal police force. PTLB has been managing a techno legal ICT training centre for police force that intends to fill this void and make our police force techno legal in nature.

A trained cyber police force of India is also required to effectively manage ambitious projects like CCTNS project of India. Further, if we talk about the national intelligence grid (Natgrid) project of India as well, we would also require intelligence gathering skills development in India.

The Union Home Ministry will launch its ambitious CCTNS project, as a pilot project, from September 1 in Assam, Kerala and Uttar Pradesh. This is only a trial run where they will use the software in the States to connect all the police stations and enable the police to track criminals in real time.

The National Crime Records Bureau (NCRB), the nodal agency for the CCTNS, will launch pilot phase in the three States. As the NCRB does not have requisite capability, other experts would help it in achieving this task. Other checks on safety and quality will also be carried out during the pilot phase.

Once implemented, the CCTNS will facilitate collection, storage, retrieval, analysis, transfer and sharing of data and information between police stations, their state headquarters, central police organisations and other security agencies. Information on any case, right from an offence being registered to its investigation and prosecution will be available on a secure network at the click of a button.

Further, this capability of CCTNS project would also be added to the Natgrid Project thereby making information held by 21 databases available to security agencies. This includes immigration records, airlines, mobile, bank and credit card transactions and travel details creating a maze of rich data that would enable 11 intelligence and investigation agencies to launch hot pursuit of a criminal.

The CCTNS also offers benefits for ordinary citizens. It is expected to simplify the process of registering and tracking petitions and First Information Report (FIR), giving access to general services such as requests for certificates, verifications and permission, registering grievances against police, tracking the progress of a case during trail and access to reports for stolen or recovered vehicles and property through a citizen interface.

Thursday, September 1, 2011

Why E-Courts In India Failed?

Electronic courts in India (e-courts in India) have been discussed in India for long but till now we are still waiting for the establishment of first e-court in India. From time to time it has been reported that e-courts have been established in India but none of these claims are true.

There is no doubt about the proposition that e-courts infrastructure in India needs urgent rejuvenation. The so called e-courts project of India has failed to materialise and Indian government must seriously think in this regard.

To start with, we must stress upon e-courts skills development in India. At Perry4Law and Perry4Law Techno Legal Base (PTLB) we believe that without adequate techno legal e-courts skills, the e-courts project of India would never materialise.

Realising this crucial shortcoming, Perry4Law and PTLB have even established the exclusive techno legal e-courts research, education and training institution of India and the world. The e-courts centre of PTLB provides many techno legal e-courts related services that can help in the successful implementation of e-courts project of India and other jurisdictions.

Indian laws and judiciary can become more user friendly through use of e-courts. Speedier justice through e-courts way is the future of Indian judicial system that has been ignored for long. Time has come to give e-courts a serious consideration, preferably on a public private partnership model.