Indian cyber security needs comprehensive legal framework: Expert
At a time when the governments the world over are struggling to tackle cyber attacks and data breach, India needs to come up with a more comprehensive legal approach and framework to address various issues in cyber space, an expert said here on Friday.
"Today, a lot of work in personal, professional, social and governance space is being done on the internet. Therefore, there is a need to look at the issues in cyber space. It is here that issues like cyber law, cyber crime and cyber security come in," Pavan Duggal, president, cyber laws.net and Supreme Court advocate, told IANS on the sidelines of a round table on cyber law, cyber crime and cyber security here.
Talking about the recent cyber space trends in India, Duggal said big trends like cyber terrorism and radicalisation are going to hit big time in India.
"We quickly need to put legal framework to check this before it happens. Unfortunately, we do not have it. We have a provision but it is not completely effective," added Duggal, a cyber law expert.
Talking about the global trends, he said the focus is now shifting on cyber resilience.
"Everybody is vulnerable. It is given that you will be attacked, and the bigger issue is not that you should be attacked or not, it is once you are attacked, how quickly are you able to come back to normalcy," he noted.
For cyber resilience to get enforced, there is a need of enabling legal frameworks where law does not penalise you in case your network is accessed in an unauthorised manner.
This framework should save companies from being slapped with various lawsuits by users who say their personal data has been breached, Duggal pointed out.
To a question about changing trends in accessing the information and attack on the internet, Duggal said that attacks will constantly happen.
"Till now, companies were attacked from superficial net but now attacks are happening from the 'dark web' where the identity of the attacker is difficult to be found out," he told IANS.
"We need cyber laws to give companies power to fight these attacks. People will start getting confidence into your ecosystem once they realise their is a legal framework in place which actually allows state to prosecute cyber criminals effectively," Duggal added.
On being asked the definition of cyber crime on the basis of hacking by hackers and hacking by enforcement agencies (as done in recent Apple's feud with FBI over unlocking of an iPhone used by terrorist in San Bernardino attack), he said hacking is grey concept and, legally speaking, it is a crime.
"But when law enforcement agencies themselves conduct it, then the line becomes blurred. We need to have more clarity. If it is a crime, it should be a crime for an individual person or any law enforcement agency," Duggal explained.
He noted that many sovereign countries do many covert and overt activities for the purposes of ensuring that their sovereign interests in the cyber space are adequately protected.
The participants of the roundtable also raised concerns on issues related to cyber crime, including increasing child porn, sexting, sex trafficking, cyber bullying/trolling and violence against women.
"Sexting, sextortion on the internet - mainly with young boys, child porn, violence against women in the form of revenge porn and cyber terrorism are turning into a huge issue in India and they should be taken care as soon as possible," said Parry Aftab, a US-based lawyer and internet safety expert who founded the internet safety organisation WiredSafety.