Tuesday, December 8, 2015

Proposed National Telecom Security Policy Of India 2014 Must Be Balanced And Constitutional

The Telecom Security Policy of India 2014 was originally discussed by the Congress led Government. However, the Congress Government faced a defeat in the elections and now it is for the Narendra Modi led BJP Government to come out with a Telecom Security Policy for India. The Telecom Security Policy declared by Congress was defective on numerous counts and now we have to see what BJP led Government would do in this regard.

If we consider the media reports, the Central Government has proposed a new Telecom Security Policy of India. It has made few changes to the Policy declared by Congress Government. The National Telecom Security Policy is unlikely to include measures on standards that would protect public health and safety. The Government authorities have deleted the portion that emphasised rules regarding “public health and safety” in the revised draft of the Telecom Security Policy. The issue of radiations from mobile towers in India is a controversial one and the proposed Policy seems to be ignoring that aspect.

The proposed Policy has made it sure that Law Enforcement Agencies of India would be allowed to request interceptions and e-surveillance activities. Of course, in order to exercise this power, there is a dire need to modernise the Police force of India. Similarly, a lawful and constitutional interception law in India is also needed to make such requests immune from legal attacks. With the proposal to allow satellite based mobile services in India, a “Techno Legal Framework” must be formulated by the Government as soon as possible. Such a Legal Framework must be “Constitutionally Sound” and not just a collection of “Legal Jargon” as was done during the Congress Government time.

Recently Vodafone declared that Indian Government has been using Secret Wires to indulge in e-surveillance. This approach of Indian Government is definitely violation of Fundamental Rights of Indian Citizens. Realising the gravity of the situation, the Department of Telecommunication (DOT) has been ordered to investigate the issue. However, the stand of Narendra Modi Government regarding e-surveillance projects like Central Monitoring System (CMS) Project of India and Internet Spy System Network and Traffic Analysis System (NETRA) of India is still not clear. This would create troubles for the Government as well as for the Telecom Security Policy in the near future.

For instance, the draft Telecom Security Policy prescribes that cellular operator will mandatorily have to allow Law Enforcing Agencies to intercept calls, messages, and any other communications and the access to monitor it in real time, while keeping the communications secured. However, there is no Constitutional Lawful Interception Law in India as on date and this requirement would be a violation of Fundamental Rights of Indian Citizens.

The revised draft Policy also states that telecom service providers should endure that user data is not revealed or duplicated or copied or shared with recipients other than those designated by the sender, and should ensure that user data is not being routed outside the infrastructure within India when the end points of communication are inside Indian territory. This requirement would strengthen the Privacy Rights in India of the Indian Citizens. Privacy Rights in India in the Information Era require a totally different strategy and this provision would strengthen the same. This provision is also required to comply with the provisions of the Public Records Act, 1993.

Telcos will also be required to ensure authentication of end user, authorised access to services and attribution of activities and payloads to end users. However, this is not an easy task especially when Authorship Attribution in Transborder Cyber Crimes cases is very difficult to maintain. India is not very good at use of Cyber Forensics Practices. There is an urgent need to develop Cyber Forensics Investigation Solutions in India that are missing as on date. Indian law Enforcement Agencies must also understand that an IP Address should not be the Sole Criteria for Arrest and Conviction in India. The Cyber Forensics Trends and Developments in India (PDF) do not support the type of responsibilities attributed to Law Enforcement Agencies by the propose Telecom Security Policy. Even Regulations and Guidelines for Effective Investigation of Cyber Crimes in India are missing.

The proposed policy also directs that the attribution in the form audit, forensic and tracking mechanisms should ensure tracking of inappropriate use, criminal activities and enforcement of IT and cyber security laws of the Government. Earlier, the Government had differences with Blackberry over the encrypted message and email services the firm provides to customers. Fearing that such encrypted services can be used to plan and execute terrorist strikes, India had also threatened to ban the providers of such services if they failed to accommodate the legitimate demands of Law Enforcement Agencies.

It has been claimed that Silent Circle can provide safe, secure and encrypted electronic and wireless communications to its clients and Law Enforcement agencies may find it difficult to crack its encryption. However, we cannot effectively tackle encryption related issues till we have Encryption Policy of India (PDF) in place that must be based upon a dedicated Encryption Law of India. We also need dedicated Cyber Security Laws in India to manage cyber security relate issues. The Cyber Security Trends in India (PDF) have proved that India has a Poor Cyber Security Infrastructure. Intelligence Agencies Reforms in India must also be undertaken as soon as possible.

The proposed Telecom Security Policy of India must address all these issues in order to be “Balanced and Constitutional”. However, from media reports it is not clear whether the proposed Policy covers all these issues or not.

Illegal International Racket Using Unauthorised Gateways To Divert The VOIP Calls Landing In India Busted

Telecom related issues faced many challenges in the past. However, the regulatory environment for telecom sector of India is fast changing now.  Telecom security policy of India is also in pipeline that may streamline many telecom related issues in India.  The Telecom Commission has also approved satellite based mobile services in India. Satellite phones may also be allowed to be used by adventure tourists where no telecommunication connectivity is available in India.

Few areas in the field of telecom sector are still problematic in nature. For instance, Voice over Internet Protocol (VOIP) has always been a problematic aspect in India. Intelligence agencies of India have been insisting that Internet Telephony and VOIP service providers must establish servers in India. Further, Intelligence Bureau (IB) of India is also expediting the testing of VOIP interception system in India.

Meanwhile, crackdowns on illegal VOIP activities continue in India. In one such latest crackdown, the cyber crime wing of Cyberabad police arrested six persons on the charge of running an illegal international racket by setting up unauthorised gateways to divert the VOIP calls landing in India. The accused were using illegal VOIP gateways and diverted the international calls originating from cheap network providers in Pakistan, Middle East, US and UK.

According to the Police, those who receive such calls will have to pay lesser charges as against what the actual provider charges and will also not come under the government scanner.

The international VOIP grey traffic is purchased as per the daily prevailing rates from international carriers. The modus operandi used by illegal grey operators includes arranging international traffic from various VoIP operators across the globe and terminating it on their own illegal VoIP gateways using broadband connections. This traffic is then distributed to the domestic destination numbers using GSM SIMs, CDMA RUIMs and Public Switched Telephone Network (PSTN) connections.

Telecom Trends In India 2014

Perry4Law Organisation (P4LO) is on the forefront of providing various techno legal trends of India since 2006. The latest to add to this list are Cyber Security Trends and Developments in India 2014 and Telecom Related Trends and Development in India 2014. The cyber security trends of India 2014 have also been covered here1 and here2.

In this work, Perry4Law’s Techno Legal Base (PTLB) is providing the summary of the telecom trends of India 2014. The telecom trend of India in the year 2014 witnessed a combination of progressive and regressive steps being taken by Indian Government.

On the progressive side the Telecom Commission of India has allowed satellite based mobile services in India in the year 2014. On the regressive side, the Indian Government has failed to protect civil liberties in cyberspace once again. In fact, telecom operator Vodafone revealed use of secret wires for government e-surveillance and eavesdropping worldwide, including in India.

Indian Department of Telecommunications (DoT) promised to investigate govt snooping allegations of Vodafone but it failed to do so till the end of December 2014. The dangerous central monitoring system (CMS) of India was also activated without any legal framework and Parliamentary oversight.

Similarly, the redundant and outdated telecom related laws remained on the statue book in the year2014. For instance, the telegraph and cyber law of India remained outdated, colonial and draconian in the year 2014. Similarly, encryption related dedicated laws in India are also missing till the end of December 2014.

Further, new lawmaking was also missing in the year 2014. For instance, there is no dedicated laws regarding cell phones and their dealings in India and the same continued till the end of December 2014 as well. In particular, the cell site data location laws in India and privacy issues are still not redressed by Indian Government so far.

India is also one of the countries where phone tapping is possible without any court order/warrant. This is a serious civil liberty violation that continued in the year 2014. A lawful and constitutional interception law in India is urgently needed. Privacy rights in India in the information era (PDF) have still not been recognised by Indian Government.

Overall, the telecom trends of India in the year 2014 were far from satisfactory. Rather they were on the negative side of development that must be taken care of by Indian Government in the year 2015.

Online Petition And Survey By CCICI Regarding Cyber Law Due Diligence In India

Interpretation and analysis of the judgment of Supreme Court of India in Shreya Singhal v. Union of India (24th March 2015), Writ Petition (Criminal) No.167 Of 2012 (PDF) has already been started by various cyber law stakeholders of India. Most of them have based their observations upon Section 66A alone leaving aside other sections like Section 69A and Section 79 of the Information Technology Act, 2000.

However, it seems while doing justice to freedom of speech and expression in India, the Supreme Court has erred in reading down Section 79 and Rule 3 of Information Technology (Intermediaries Guidelines) Rules, 2011 (PDF) that pertains to Internet Intermediary liability and observance of cyber law due diligence (PDF) by them. In fact, it has been claimed that Supreme Court has killed cyber law due diligence in India to a great extent.

Cyber Crimes Investigation Centre of India (CCICI), the premier cyber crime investigation centre of Perry4Law Organisation (P4LO), has been covering these issues from the very beginning. Now CCICI has taken this interpretation and effort to another level by starting an online petition and survey titled “Do We Need a Stronger Cyber Law Due Diligence in India?”

Unfortunately, most of the interpretations and observations regarding the judgment of Supreme Court were directed towards Section 66A alone and the issue of cyber law due diligence was totally ignored. This has serious ramifications for all cyber victims whose locus standi has been taken away by the Supreme Court to approach the Intermediary.

It is of utmost importance that this issue must be discussed in great detail and then taken up before the Supreme Court through a review petition. Similarly, the collective inputs can also be shared with Indian government and Parliament so that they can come up with a more potent and effective cyber law due diligence requirement in India.

If you are a cyber victim or you know a person who has been a cyber victim, please share your views through this petition and survey. Your views would shape the cyber law of India and make it more meaningful. If you have ever suffered from harassment over e-mail, SMS, chatting, Social media, etc or you know a person who has been so harassed, then please share your views at the petition/survey page. Collectively let us make a responsible cyber society and culture in India.

Thursday, November 26, 2015

The First Constitution Day Of India On 26th November 2015

Constitution is an important document for any nation. It is the grundnorm around which all other legal, administrative and judicial aspects revolve. Constitution also lays down the boundaries and parameters for the rights and obligations of various stakeholders governed by the same. This makes the Constitution the supreme authority that has to be looked at and acted upon in all circumstances.

India decided to celebrate the Constitution Day on 26th November each year. The first Constitution Day was celebrated by India on 26th November 2015. It corresponds with the anniversary of the adoption of the Constitution of India by the Constituent Assembly of India on 26th November 1949. The Constitution of India came into force on 26th January 1950.

The main objective of celebration of Constitution Day is to spread awareness about Constitution of India. Perry4Law Organisation (P4LO) is on the forefront of spreading awareness about Constitution of India and legal issues for many years. We have launched many dedicated blogs for different aspects of Indian and foreign laws covering the Constitutional issues pertaining to Indian and Foreign Constitutions.

Perry4Law Organisation (P4LO) recently celebrated the first Constitution Day of India on 26th November 2015. We believe that the best way to celebrate the first Constitution Day of India was to launch a dedicated online portal for establishing the first ever Virtual Law Campus (VLC) of India.

Dedicated websites in this regard would be made operational very soon and few of these websites can be accessed here1, here2 and here3. Two dedicated blogs have also be launched in this regard and the same can be accessed at blog1 and blog2. This is in addition to the already existing initiative titled Virtual Legal Education Campus (VLEC) of India.

Our aim is to help Indian Government in establishing the first ever Techno Legal Framework for India that incorporates the Constitutional Principles and Philosophy. Modern day legal issues are very complicated in nature. Information and communication technology (ICT) has added many complexities before the legal systems of various jurisdictions. Areas like cyber law, cyber security, cyber forensics, e-discovery, e-courts, online dispute resolution (ODR), etc are alien concepts for Constitutions around the world. Nevertheless, there impact upon Constitutional protections and obligations is inevitable.

Perry4Law Organisation (P4LO) along with its premier Techno Legal Segment known as Perry4Law's Techno Legal Base (PTLB) have been spreading Techno Legal awareness in India and foreign jurisdictions. PTLB Virtual Campus is a unique online Techno Legal Skills Development and training initiative of PTLB. It is working in additional to the Virtual Law Campus (VLC) launched by P4LO. Collectively, the techno legal issues of Indian Constitution would be discussed and taught by us.

We also intend to make the Digital India and E-Governance projects of India Government successful. Presently, the Digital India project is suffering from many shortcomings and they must be removed immediately for the successful implementation of the same. It is logical to add Digital India objectives to Indian Constitution to make it modern and contemporary and Perry4Law Organisation (P4LO) and PTLB have been working in this direction. We hope various stakeholders would find our initiatives and efforts useful.

Wednesday, November 25, 2015

Twitter Continues Censoring Digital India Related Dissenting Tweets

Twitter has been censoring dissenting Digital India related tweets for long. The same continues till the writing of this article i.e. 25-11-2015. Just like Twitter is screening out the dissenting tweets from its popular timeline, we are also updating our readers about this issue. We would continue to update about this issue from time to time and at different platforms.

Twitter is a platform where you can exercise your rights to speech and expression in the best possible manner. This is so because you need not to write along write up or article to press your viewpoint. All you need is a small opinion or statement that can be liked or ignored by the twitter community. This is a democratic process where viewpoints are considered by the community to update themselves about the positive and negative aspects of an issue.

Twitter has little role to play in this democratic process but this is not true in all cases. Twitter has also no business to curb civil liberties in cyberspace but even that is happening. For instance, Twitter has been censoring and removing dissenting and critical tweet about the Digital India project of Indian government. This is happening almost in real time and tweets posted few hours back are removed by Twitter as a regular practice.

So what is this all fuss about Digital India? Digital India is a project of Indian government to use information and communication technology (ICT) for delivering of public services. So what is wrong with this approach? Nothing if the matter is as simple as portrayed but there is much more than what meets the eyes.

If Digital India is a public service project nothing can be more wonderful than that. However, there are many shortcomings of the Digital India project that Indian government is not disclosing to the citizens. That worst dark secret about Digital India project is that Digital India is biggest Panopticon of human race the moment it is clubbed with e-surveillance tool named Aadhaar. Though the central government has confirmed that Aadhaar is not compulsory for public services yet Aadhaar has been made compulsory for all public services in India throughout the country. This has made the Digital India project the digital panopticon of India of gravest nature.

This digital panopticon of India is flourishing while we are witnessing an era of submissive Parliament and Judiciary in India. As a result unconstitutional and illegal biometrics collection is happening in India without any sort of control and reasonableness. Digital India has become the Digital Panopticon of India because our Parliament and Judiciary has not done what the Constitution Fathers have mandated them to do.

Digital India project must be kept absolutely separate from Aadhaar or similar projects to safeguard civil liberties of Indian citizens. Otherwise, Digital India project would not be anything more than the worst digital panopticon of human race.

Shortcomings Of Digital India Project Of India

Praveen Dalal, Managing Partner and CEO of Perry4Law Organisation (P4LO) and PTLB, has been analysing the techno legal aspects of technology for long. Cyber Law, Cyber Security, Cyber Forensics, E-Governance and Digital India are some of the areas that have been critically analysed by him for long.

There are many shortcomings of the Digital India project of Indian Government that must be removed for the successful implementation of Digital India project. For instance, cyber security issues have been completely ignored by Indian government so far and this equally applies to Digital India project as well.

According to Praveen Dalal, the Digital India project is good but it must be supplemented with robust Cyber Security in advance. He also maintains that the biggest problem of Digital India project is that it lacks a clear cut policy and implementation plan.

The success or failure of any project depends upon it due research and analysis. Without a proper homework and due diligence, a project may face many shortcomings, lacuna and limitations. One such project is known as Digital India. As on date, the Digital India project of India government is heading towards rough waters and problems. This is because Digital India project is suffering from many shortcomings and limitations that Indian government has failed to remove.

For instance, the cyber security infrastructure of India is not in a good shape. Take the example of smart grids cyber security in India. India is contemplating using of smart meters but the same has become a headache for the power companies. Even a Grid Security Expert System (GSES) of India was suggested by Indian government in the past but the same has not been implemented till now.

The Digital India Project of India Government is the classic example of use of Information and Communication Technology (ICT) for delivery of public services. Like any great project, Digital India is also suffering from some “Shortcomings”. The chief among them are lack of Cyber Security, ineffective Civil Liberties Protection, absence of Data Protection (PDF) and Privacy Protection, unregulated E-Surveillance in India, absence of Intelligence Agencies Reforms in India, etc.

Unfortunately, the initial objective of public delivery of services through use of ICT seems to be fading away day by day. Instead of public services the focus has now been shifted towards e-surveillance and data mining. To make this work, Indian Government has been using e-surveillance projects like Aadhaar, Central Monitoring System, Network and Traffic Analysis System (NETRA), National Intelligence Grid (NATGRID), National Cyber Coordination Centre (NCCC), etc. None of them is supported by any “Legal Framework” and “Parliamentary Oversight”.

In fact, Vodafone has confirmed that India has been using “Secret Wires” in the Telecom Infrastructure to indulge in e-surveillance. Indian Department of Telecommunications suppressed the whole incidence with a mere assurance of “Investigation” that never took place. As per my personal information, no “Public Report” was made available in this regard by Indian Government so far.

In a latest twist, the Indian Government clubbed its latest Project named Digital Locker with Aadhaar. Essentially it means that Digital Locker is a legal project based upon illegal technology named Aadhaar. I have serious doubts that Digital Locker would serve its or Digital India’s purpose in these circumstances. The matter does not end here. Indian Government has claimed before the Supreme Court that Aadhaar is not mandatory for availing public services. However, this stand of Indian Government is not correct as Aadhaar has already been made compulsory for many public services and many more are added on regular basis.

Surprisingly, Supreme Court has not invoked either the Contempt or the Perjury proceedings against Central Government and States for making false claims and giving incorrect statements. Is not it the duty of Supreme Court to protect the Fundamental and Human Rights of Indian Citizens and residents? It is difficult to believe that Supreme Court is not aware of the ground situation that is actually happening in India. How can the Supreme Court simply rely upon false and misleading statements and allow the Central Government and States to operate in a manner that is clearly prejudicial to the Constitutional Protections and Principles?

It would be really unfortunate if Digital India Project is made the biggest Panopticon of Human History and an endemic E-Surveillance Instrumentality for the Indian Government where every bit of “Digital Information” can be accessed and manipulated by Indian Government. If this is the intention of Indian Government then Digital India Project is heading for rough waters.

Tuesday, November 24, 2015

Virtual Law Campus (VLC) Of India

Perry4Law Organisation (P4LO) is proud to celebrate the First Constitution Day of India on 26th November 2015. After much deliberations and brain stroming, we decided to officially launch the first Virtual Law Campus (VLC) of India on that day. This VLC would, among other subjects, also provide information, education, public awareness, training and skills development regarding the Constitution of India. We are already engaged in spreading public awareness about legal career and related issues at school and college levels.

As it may take some time before the VLC is fully made operational in India and at global scale, we have opened few blogs and Twitter accounts for spreading public awareness about national and international legal issues. The blogs on Virtual Law Campus (VLC) can be found here and here. Further, information regarding MOU and tie ups, empanelment procedure, skills development areas, etc can also be found on the blogs.

Virtual Law Campus (VLC) would be supplemented by our existing projects and initiatives like Virtual Legal Education Campus (VLEC) of India. A dedicated platform for Virtual Legal Education Campus (VLEC) has also been launched by us that would be operational very soon.

Education can be significantly improved by using information and communication technology (ICT). We can make online contents, mobile applications, e-learning platforms and so on to improve Indian education system. At the advanced stage, we can establish sufficient numbers of virtual campuses so that education can be provided even at the remotest corners of Indian territories.

Legal education in India needs a complete rejuvenation. There is no second opinion that legal education can be greatly benefited by involving active use of ICT. India has embraced e-governance for long and it is high time to actually implement what Indian government has been planning for many years.

Online legal education in India is still at the infancy stage. In fact, the concept of online education has not been accepted with full heart in India so far. Another area of concern is the academic nature of our educational system where there is no real choice between skills and degree. A blind race to acquire a degree would not bring any tangible benefits except unemployment and frustration. This is the reason why India must stress upon skill based education and trainings.

Skills based education and training can be effectively imparted if we adopt online education or e-learning methodology. This is more so in the legal education field that has mostly remained untouched by the use of information technology for educational purposes.

Perry4Law’s Techno Legal Base (PTLB) has been working in the direction of establishment and working of online legal education in India for long. Not only this, PTLB Virtual Campus is also providing many techno legal skills development, training and education courses in India and around the world through online education, distance learning and e-learning modes. We are also helping young school children in choosing the most appropriate courses for legal career. However, our courses have been designed for stakeholders ranging from school children to teaching faculties.

Taking these initiatives a step further, PTLB has launched two dedicated initiatives in these fields. These are launching of dedicated websites for
virtual legal education campus (VLEC) of India and virtual law campus (VLC) of India by PTLB. These websites would be fully functional very soon and virtual legal education would get a new shape and meaning in India. Further, we have also launched Twitter accounts named PTLB Virtual Campus and Virtual Law Campus that would help in better coordination and information sharing between PTLB and various stakeholders.

The aim of these two initiatives and other educational projects of PTLB is to impart online legal education ranging from traditional fields to the most contemporary topics. For instance, PTLB has been managing
online cyber law education in India for long. Cyber law is a contemporary legal area that requires techno legal expertise. There are very few cyber law education institutions in India and even lesser are cyber law experts in India. Thus, the demand for cyber law professionals is very great in India and other jurisdictions.

Similarly, areas like cyber security, cyber forensics, e-courts, online dispute resolution (ODR), e-discovery, etc also require qualitative educational institutions. The traditional universities or colleges are constrained by their own rules and courses but online education platforms are free to provide qualitative and customised techno legal courses.

PTLB is in the course of adding and introducing novel, qualitative and highly efficient training, skills development and education tools and technologies. We are also introducing some very unique and highly required techno legal and other courses that are not properly represented in present times. PTLB is also exploring tie ups and collaborations with universities, colleges and other online learning platforms in India and abroad.

Our initial idea is to use PTLB Virtual Campus for various techno legal courses, trainings and skills development programs like cyber law, cyber security, cyber forensics, etc. Whereas we intend to use Virtual Law Campus for legal fields and law courses that are imparted in universities and colleges. However, both Virtual Legal Education Campus (VLES) and Virtual Law Campus (VLC) would primarily cater the requirements of legal courses, trainings and skills developments initiatives though we may add other techno legal courses as well. PTLB would share more details about PTLB Virtual Campus, VLEC and VLC very soon.