Public Records Keeping Framework In India

Public Records keeping is a very important aspect though it is often not considered to be very important by the National Policies of a nation. Public Records keeping may be a voluntary exercise or a requirement of one or more Laws.

Although there are many “Statutory Laws” in India that required Companies, Individuals and Government Departments to keep Public Records for public scrutiny or general use yet the Public Records Act 1993 (PRA 1993) of India is a “Specilaised Law” for keeping the “Non-Current Records” of Indian Government and its Departments and Agencies etc.

It is an Act to regulate the Management, Administration and Preservation of Public Records of the Central Government, Union Territory Administrations, Public Sector Undertakings (PSUs), Statutory Bodies and Corporations, Commissions and Committees constituted by the Central Government or a Union Territory Administration and matters connected therewith or incidental thereto.

Section 2(e) of the PRA 1993 says a “Public Record” includes (i) Any document, manuscript and file; (ii) Any microfilm, microfiche and facsimile copy of a document; (iii) Any reproduction of image or images embodied in such microfilm (whether enlarged or not); and (iv) Any other material produced by a computer or by any other device, of any records creating agency. The definition of “Public record” is very wide and it covers both traditional Paper based as well as contemporary Electronic Records.

Section 4 of the PRA 1993 provides that no person shall take or cause to be taken out of India any Public Records without the prior approval of the Central Government. However, such approval is not required if any Public Records are taken or sent out of India for any official purpose.

Section 8(1) of the PRA 1993 provides that save as otherwise provided in any law for the time being in force, no Public Record shall be destroyed or otherwise disposed of excepts in such manner and subject to such conditions as may be prescribed. Section 8(1) provides that no record created before the year 1892 shall be destroyed except where in the opinion of the Director General or, as the case may be, the head of the Archives, it is so defaced or is in such condition that it cannot be put to any archival use.

Section 9 of the Act provides that whoever contravenes any of the provisions of section 4 or section 8 shall be punishable with imprisonment for a term which may extend to five years or with fine which may extend to ten thousand rupees or with both.

The PRA 1993 must be applied keeping in mind the “contemporary technological advances”. For instance, Digital Preservation in India is an issue that has not yet been taken seriously by Government Departments. Of course, Public Records Keeping Framework of Reserve Bank of India (RBI) is an exception to this apathy. Let us hope the Techno Legal issues of Public Records would be taken care of by Indian Government in general and Ministry of Culture in particular.

Digital Preservation In India

Digital preservation is the process where traditional records and data as well as contemporary records are managed and preserved in a manner so that the information can be accessible by our future generations.

The importance of digital preservation cannot be underestimated as many valuable documents and archives of various societies have been lost forever in the absence of digital preservation. If those documents and archives could have been preserved in electronic form, they would have been available toady.

Digital preservation has also assumed significance due to the extensive adoption of Internet and networking technologies. Individuals and organisations are producing vast amount and diverse nature of digital information that if not preserved would be lost forever. Digital preservation is a trustworthy solution ensuring long-term access to the past and contemporary digital information form future references.

Digital preservation in India is in its infancy stage. Although some discussions in this regard have been undertaken by some departments of Indian government yet they are far from satisfactory. Even a national digital preservation programme (NDPP) of India has been launched but it has been lying dormant for many years. Of course, some institutions like Reserve Bank of India (RBI) have good public records keeping framework.

Presently, India has no well defined legal framework for digital preservation in India. Neither the technical nor the legal issues have been resolved by India in this regard so far. According to experts, digital preservation framework in India is missing as we do not have a “dedicated” techno legal digital preservation laws in India. However, laws like Public Records Act, 1993, Right to Information Act, 2005, proposed Electronic Services Delivery Bill 2011 (Bill), etc mandates digital preservation and digitilisation of records in “Electronic Form”.

Digital preservation issues in India are going to be more complicated with the enactment of laws like digital millennium copyright act (DMCA). Efforts are in the pipeline for adoption of an efficient digital rights management (DRM) system in India. Intellectual property rights (IPRs) are commonly found conflicting with digital preservation initiatives. Technological issues of IPRs would also pose great challenges before the digital preservation initiatives of India. We also need to change form of various IPRs protected works from one form to another. This sometimes results in IPRs violations.

Further, technological challenges have also to be managed by India in this regard. With the rapid advancement of technology day by day, old applications and methods are becoming obsolete. We need to upgrade them from time to time. Recent traditional knowledge digital library (TKDL) of India is one of the most innovative and much needed initiatives undertaken by Indian government. Being a digital library it must ensure digitalisation of contents as well as their digital preservation.

In short, digital preservation initiatives of India need urgent reforms. The task is really difficult unless good experts are involved in this much needed project. For the time being, digital preservation initiatives of India are falling well short of the desired actions. It would be a better strategy if the Indian government starts working in the direction of enacting a suitable techno legal framework for digital preservation in Indian as soon as possible.

Indian government in general and ministry of culture in particular must pay special attention to digital preservation requirements as in future the culture ministry would be the one that would require it most.

Indian Government Waking Up To Privacy Laws Requirements

Of late Fundamental Rights and Civil Liberties of Indian Citizens in Cyberspace have been totally neglected by the Executive and Legislative Branches of Indian Constitution. Unfortunately, even Judiciary failed to interfere and we have reached a “Precarious Situation” where the Constitution of India, especially Fundamental Rights, are about to be made “Redundant and Non Existent”.

While United Nations has declared that “Access to Internet” is Human Rights yet Indian Government is well committed to deny not only this Human Rights but also all other possible Human Rights in Cyberspace.

Naturally, there is a need to protect Human Rights in Cyberspace before we fully launch various E-Surveillance and Civil liberties Violating Projects in India. Security and E-Surveillance Projects have been launched by Indian Government without any “Procedural Safeguards” and in active “Violation” of Human Rights in Cyberspace. The only solace is that these Projects are in their infancy stage and they can still be made “Constitutional”.

For instance, Projects like National Intelligence Grid (NATGRID), Central Monitoring System of India (CMS), Centre for Communication Security Research and Monitoring (CCSRM), Aadhar Project of India, Crime and Criminal Tracking Network and Systems (CCTNS), National Counter Terrorism Centre (NCTC), etc have no “Procedural Safeguards” and they are violating Human Rights and Fundamental Rights in their “Present Form”. These Projects have been launched without any Legal Framework and Parliamentary Oversight. Further, even the most “Basic Laws” like Data Protection Laws, Data Security Laws, Privacy Laws, etc are missing in India.

Realising the “Gravity of the Situation”, the Planning Commission of India has now decided to call a high-level meeting of experts, civil society representatives and government officials to address these concerns. The Commission admits that initiatives like UID, NATGRID, DNA profiling, brain mapping and tapping communication, etc are “Genuine Concerns” and they need to be addressed properly. The Commission has also suggested using “Inbuilt Technological Safeguards” for all these Projects.

At Perry4Law and Perry4Law Techno Legal Base (PTLB) we have been constantly suggesting that privacy is a key concern in all these Projects as people's personal information would be stored in a single database and the possibility of corruption and exploitation could not be ruled out.

The minister, incharge of IT in the plan panel, said it is necessary to have in-depth and threadbare discussion with experts, civil society representatives and government officials to ensure that the objective of national security and efficiency in public service delivery mechanism are effectively reconciled with the privacy concern of citizens.

This is a good step in the right direction and Perry4Law and PTLB welcome this step of Indian Government.

ICANN Approval Of New GTLD Names And Unforeseen Challenges

Internet Corporation for Assigned Names and Numbers (ICANN) has been planning to expand the list of generic top level domain names (gTLDs) among several issues. The same was put as one of the items of the agenda to be voted and decided by ICANN at the second public meeting of the year on 20th June 2011 at Singapore. Finally, after a long gestation period, ICANN has approved the idea of allotting new gTLDs.

ICANN's Board of Directors has approved issuance of new gTLD. The Board vote was 13 approving, 1 opposed, and 2 abstaining. ICANN has opened the Internet's naming system to unleash the global human imagination. Today's decision respects the rights of groups to create new Top Level Domains in any language or script. We hope this allows the domain name system to better serve all of mankind," said Rod Beckstrom, President and Chief Executive Officer of ICANN.

New gTLDs will change the way people find information on the Internet and how businesses plan and structure their online presence. Internet address names will be able to end with almost any word in any language, offering organisations around the world the opportunity to market their brand, products, community or cause in new and innovative ways.

"Today's decision will usher in a new Internet age," said Peter Dengate Thrush, Chairman of ICANN's Board of Directors. "We have provided a platform for creativity and inspiration, and for the next big dot-thing."

The Applicant Guidebook, a rulebook explaining how to apply for a new gTLD, went through seven significant revisions to incorporate more than 1,000 comments from the public. Strong efforts were made to address the concerns of all interested parties, and to ensure that the security, stability and resiliency of the Internet are not compromised.

ICANN will soon begin a global campaign to tell the world about this dramatic change in Internet names and to raise awareness of the opportunities afforded by new gTLDs. Applications for new gTLDs will be accepted from 12 January 2012 to 12 April 2012. This would also result in an increased domain names disputes in future and it would also bring unforeseen challenges for ICANN.

Since domain name disputes are going to increase in near future, Perry4Law Techno Legal Base (PTLB), the premier techno legal segment of India’s exclusive techno legal ICT and IP Law Firm Perry4Law, has shared the Uniform Domain-Name Dispute-Resolution Policy (UDRP) of ICANN with all interested person and institutions.

The UDRP is a process established by ICANN for the resolution of disputes regarding the registration of Domain Names. The UDRP currently applies to all .biz, .com, .info, .name, .net, and .org top-level domains, and some country code top-level domains. It is supplemented by Rules for Uniform Domain Name Dispute Resolution Policy (Rules).

At Perry4Law and PTLB we believe that, in future, ICANN’s Applicant Guidebook needs to consider and adopt many more crucial issues like upgradation of UDRP procedure, better and expeditious Dispute Resolution Mechanism, enhanced Cyber Security Initiatives for Domain Name and DNS, better National and International Cooperations with Governments, NGOs and Dispute Resolution Providers, considering interests of Developing Countries and NGOs, etc.

These issues have been, by and large, already covered by the Applicant Guidebook to a greater extent. However, there is always scope for the improvement. If ICANN wishes, we can provide “more detailed analysis” in this regard.

However, irrespective of ICANN’s stand on our proposition, new challenges and unforeseen events would confront it and ICANN must be well prepared in advance in this regard.

Encryption Policy Of India Is Needed

Use of Encryption in India has never been smooth. Intelligence Agencies in general and Central Home Ministry of India in particular are very much concerned about use of Encryption beyond 40 bits. However, what Home Ministry is not realising is that anything below 128 bits of encryption is definitely “Unsafe” and anything below 256 is “Potentially Unsafe”.

The Stakeholders that need “Higher Encryption Level Protection” includes Banks, Stock Exchanges, E-Mail Service Providers, Corporate Communications, Sensitive Government Communications, etc. It is “Not Feasible” to ask for Encryption Level below 256 bits.

Obviously, Indian Government has to take care of National Security and Law Enforcement needs as well. This does not mean we should have a “Weak Cyber Security Infrastructure” in India. On the contrary, we must ensure a Strong, Robust and Resilient Cyber Security Infrastructure for India.

At Perry4Law Techno Legal Base (PTLB) we believe that India should invest in establishing good Techno Legal Cyber Security Capabilities on the one hand and Cyber Skills and Intelligence Gathering Skills Development in India on the other hand. We believe that E-Surveillance can never be an “Alternative” for good and effective Cyber Security and Intelligence Gathering Capabilities. E-Surveillance must “Supplement” Intelligence Gathering Skills and “Not Supplant” the same.

This entire problem is happening because we have no Encryption Policy in India that clearly demarcates what level of Encryption can be used and what level cannot be. Further, we have no Legal Framework regarding Encryption usage in India.

We also have no Encryption Laws in India or Encryption Framework and Norms in India that have been “Prescribed” by the Parliament of India. All we have are “Encryption Guidelines” that are incorporated in various “Civil Contracts” with Telecom Companies and other such Companies. At most they are “Departmental Guidelines” but they do not have the “Force of Law”.

They are indirectly made applicable as “Forced Conditions” by the Telecom Companies and other Stakeholders. The “Legality” of this is very much doubtful as “End Users” have no “Autonomy” and “Free Choice” in such cases.

The Cyber Law of India, as applicable through Information Technology Act 2000 (IT Act 2000) has a single provisions in this regard. Section 84A of IT Act 2000 says that the Central Government may prescribe the modes or methods of Encryption. Till now the Central Government has not prescribed any “modes or methods” of Encryption usage in India. In fact, the IT Act 2000 is so “Badly Drafted” that many of its provisions are “Unconstitutional” and there is an urgent need to “Repeal” the Cyber Law of India.

It is high time for us to formulate a Techno Legal Encryption Policy for India as soon as possible. The Encryption Policy of India must keep in mind the Commercial, Cyber Security, Cyber Law, National Security, Intelligence Agencies and Law Enforcement requirements.

Further, the Indian Encryption Policy must also keep in mind the Civil Liberties in Cyberspace. Recently, the United Nations has declared that “Access to Internet” is a Human Right. Indian Government must “Balance” the National Security Requirements with Human Rights in Cyberspace as giving “Primacy” to one over another is not feasible.

Perry4Law and PTLB hope that Indian Government would take immediate steps to accommodate these “Suggestions” of ours.

European Union (EU) Forms CERT Group To Fight Cyber Attacks

European Union (EU) is preparing to boost its cyber security to effectively tackle the growing incidences of cyber crimes and cyber attacks. EU has also requested governments of various European countries to consider cyber security seriously.

Cyber security experts from across the Europe have joined hands to form the Computer Emergency Response pre-configuration Team (CERT) group. The group consists of cyber security experts working in various EU institutions and a time framework of 1 year has been given to it to share its expertise. Within this time framework, the group has to show if it can effectively and efficiently respond to cyber threats and incidents on a 24x7 basis.

Neelie Kroes, vice-president of the European Commission for the Digital Agenda said: "Cyber-attacks are a very real and ever-increasing threat. Whether against individual countries, companies or most recently against the European Commission, they can paralyse key infrastructure and cause huge long-term damage."She said the CERT team is a demonstration of how seriously the EU Institutions take the cyber-security threat.

Kroes said she wants the UK government to establish its own CERTs, paving the way to an EU-wide network of national and governmental emergency response teams by 2012.

Britain is under constant cyber attack and last year 1,000 potentially harmful hacking attacks were blocked, according to defence secretary Liam Fox. In a speech last week to defence suppliers, Fox said that the cost to the UK economy of cyber crime is estimated to be £27bn a year and rising. "These are attacks against the whole fabric of our society," he said.

The US Department of Commerce (DoC) is urging companies with an online presence to develop and adopt a code of contact to prevent cyber-attacks, in an indication the industry and government realise the importance of online security. The DoC is calling for the development and implementation of a code of conduct as part of a broader effort by Obama administration to fight cyber-crime.

Meanwhile, both EU and UK are working hard to ensure robust cyber security. For instance, Scotland Yard has established a cyber flying squad, EU has set up as team of cyber crime fighters, UK is looking forward for cyber crimes fighters and so on. Let us see whether India would also take its cyber law and cyber security seriously.

The Role Of ICT In Effective Judicial System

Information and communication technology (ICT) has a crucial role to play in the timely and effective justice dispensation. Online dispute resolution (ODR), e-courts, video conferencing, digital evidencing, sending bail orders and notices through e-mail, knowing online status of cases, online delivery of certified copies of judgments, etc are some of the examples of use of ICT for effective justice delivery.

Successful establishment of e-courts can take care of all the abovementioned aspects of use of technology for effective judicial system. E-courts can take care of issues ranging from filing of cases to the delivery of certified copy of the judgment.

In the Indian context, we are still waiting for the establishment of first e-court of India. Although media reports of establishment of e-courts in India have been surfacing from time to time since 2003 yet as on data we do not have a single e-court in India. Media reports have confused “computerisation” with e-courts as all that has happened in India is computerisation of some traditional aspects of litigation and nothing more.

E-courts require the capability and expertise to provide all litigation services in an online environment. To achieve that purpose we need to have e-courts skills development initiatives in India.

Law Ministry of India must urgently take initiative in this regard as sufficient funds have already been allocated for establishment of e-courts in India and for improving the judicial infrastructure of India.

It has been more than 8 years since it was first declared that e-courts would be established in India. However, lack of expertise has failed this much needed integrated mission mode e-governance project of India. Time has come to give it a dedicated try.