Wednesday, May 29, 2013

Indian Government Wishes More Indian Software For Better Cyber Security

There is no second opinion that cyber security in India must be improved. Even Indian government has accepted this proposition and has admitted that it is a late entrant in this field. Indian government has also announced that a cyber command for armed forces of India would also be established.

India has also formulated the cyber security policy that carries many far reaching reforms in the field of cyber security. The policy has stressed upon indigenous development of hardware and software. Even the security agencies of India have been insisting upon using Indian cyber security software for protecting India’s critical infrastructures. Security agencies re also insisting that VoIP services providers wishing to do business in India must establish servers in India.

It has also been suggested that India must launch its own social media websites so that law enforcement problems can be avoided. As cyber litigation against foreign websites in India is going to increase, we must ensure that they comply with Indian laws. But this is not happening and recently U.S. government also refused to serve Indian summons upon foreign websites located in their jurisdiction.

Recently it has been reported that U.S. government is the biggest buyer of malware. Further, it is also a known fact that even the anti virus and security products can be manipulated to install malware upon victim’s system.

Thus, the decision to use Indian security softwares may seem absurd on the face of it but it is a very crucial and relevant decision. Foreign hardware and software may have backdoors installed in them. If we have indigenously manufactured software and hardware, we can analyse the same for backdoors. Let us see how things would take shape from this stage.

NATO’s Tallinn Manual Has Started Raising Objections

Recently the NATO cooperative cyber defence centre of excellence (NATO CCD COE) released a manual titled the Tallinn Manual on the international law applicable to cyber warfare.

The effort is the first of its kind to provide a non binding and unofficial document to provide guidance regarding applicability of international law to cyber warfare activities. However, from the very beginning, cyber security experts have been warning that this document can create real troubles in the global cyberspace.

According to Praveen Dalal, managing partner of ICT law firm Perry4Law and leading techno legal expert of Asia, “The effort is Significant as it is the first Coordinated and Collaborative effort in the direction of tackling the menaced of Cyber Warfare at the International Level. However, this effort of NATO is also “Highly Risky” and “Pre Mature” as “International Consensus” is not an essential part of this effort”.

It seems now others have also endorsed this viewpoint of Praveen Dalal. Now it has been reported that Russia has warned against NATO document as legitimising cyber wars. According to Russian experts, while Russia is trying to prevent militarisation of cyberspace by urging the international community to adopt a code of conduct in this sphere, the United States and its allies are already agreeing the rules for prosecuting cyber warfare.

The “Real Problem” is that we have no “Internationally Acceptable” Cyber Security and Cyber Law Treaty, says Dalal.  In the absence of such “International Harmonisation”, the documents like Tallinn Manual are “More Problem than Solution”, opined Dalal.

NATO must be very cautious while releasing such documents as they may have serious consequences. This may also be seen as a backdoor entry for the rules and regulations prescribed by U.S. that other nations would not found very convincing and binding. 

Thursday, May 16, 2013

The Uncontrolled And Unregulated Organ Transplantation Mafia In India

Organ transplantation mafia of India is working right under the nose of India government that also without any fear or law and punishment. In one such reported incidence, the organ transplantation mafia has crossed all the limits of humanity.

The parents of a girl child have accused that medical workers in India have murdered their daughter to sell her organs to the rich receivers of such organs. They have also claimed that neither the medical staff nor the police have cooperated with them and they have hushed up the matter.

A request to Indian government has also been made to look into the matter and get the matter investigated through central bureau of investigation.

Medical malpractices in India have increased significantly. Whether it is deaths due to clinical trials in India or online selling of medicine by pharmacies in India, nothing is in order.

As far as organ transplantation is concerned, we have the Transplantation of Human Organs Act, 1994. However, the same requires urgent amendments to make it more effective and stringent.

It has failed to deter the organ transplantation mafia of India and sending a dead body to the relatives of an innocent child without crucial organs is a very gruesome act that requires punishment of most stringent nature.

We hope that Indian government would not allow any such incidence to reoccur in future and no parents would find themselves in this unfortunate situation as the unfortunate girl child’s parents are.

They deserve justice and not the one that is presently prevailing in India but an instant and appropriate one.

Tuesday, May 7, 2013

Indian Central Monitoring System: Part II

 The central monitoring system (CMS) of India has reiterated the long claimed notion of civil liberty advocates that the big brother is listening. While this may be tolerable to the extent of genuine law enforcement requirements but a blanket implementation of the central monitoring system (CMS) project of India has proved that the big brother has exceeded its limits.

Civil liberty protection in cyberspace is the cherished mandate of every democratic and constitution abiding government. However, countries around the world are not only ignoring this obligation but are also actively working in the direction of violating the same. Spy software like FinFisher is openly used by governments around the world.

In shocking news, it has been reported that command and control servers for FinFisher were found in 36 countries including India. The malware FinFisher has also tried to hide itself behind genuine software like Mozilla Firefox and Mozilla has issued a cease and desist notice to Gamma International for maliciously using its brand and reputation.  

The central monitoring system (CMS) project of India is one of the most controversial projects about to be launched by Indian government. It the CMS project of India is attached with other controversial projects like Aadhaar; this would be a serious civil liberty fiasco. The Aadhaar project is already questioned in the Indian courts and the CMS project would also face similar fate. The fact is that India must reconcile civil liberties and national security requirements immediately.

According to Praveen Dalal, managing partner of New Delhi based ICT law firm Perry4Law and leading techno legal expert of Asia, The CMS Project of India is a good and ambitious project that is required to manage National Security and Law Enforcement requirements of the country. However, adequate “Procedural Safeguards” must also be established in the System so that it is not abused for political and personal reasons, warns Dalal. The CMS Project would be “Illegal and Unconstitutional” if implemented in its current form, warns Dalal.

India is giving wrong signals to the entire world. In the present circumstances it is not wrong to conclude that India is not only adopting double standards but is also abdicated the rule of law. Further, the draconian cyber law of India must be repealed as piecemeal actions on the part of various activists would not help us in the long run.

The PMO must interfere at this crucial stage and scrap both Aadhaar and CMS projects as soon as possible. Recently U.S refused to sign the treaty that could have regulated Internet in the worst form. U.S. has also refused to serve summons upon Internet companies of U.S. citing constitutional reasons.

India has to mend its ways so that it remains on the side of protection of civil liberties and use e-surveillance in only those cases that are absolutely required.

Thursday, May 2, 2013

Indian Central Monitoring System

The central monitoring system (CMS) project of India is one of the most controversial projects about to be launched by Indian government. It the CMS project of India is attached with other controversial projects like Aadhaar; this would be a serious civil liberty fiasco. The Aadhaar project is already questioned in the Indian courts and the CMS project would also face similar fate.

We have been maintaining that the ministry of communication and information technology (MCIT) must be put PMO scrutiny. In fact, the MCIT must be put under the direct control of PMO to make it more transparent and accountable. Although the PMO took some interest in the technology related issues in the past yet they were never sufficient.

Now it has been reported that the PMO questioned the preferential market access (PMA) policy of MCIT. The PMO must also question the CMS project as it has serious civil liberties issues. Human rights protection in cyberspace must also be kept in mind by the PMO.

The CMS project and telephone tapping issues are also interrelated. Although the standing committee on home affairs recommended safeguards for phone tapping of politicians yet no such safeguards have been prescribed for ordinary citizens. We still do not have a lawful interception law in India to govern phone tapping and e-surveillance issues. The fact is that India must reconcile civil liberties and national security requirements immediately.

The CMS project has also created waves at the international level as well. For instance, see the Reddit, Pastebin, Pastebay, bedtime e-post, etc in this regard.

According to Praveen Dalal, managing partner of New Delhi based ICT law firm Perry4Law and leading techno legal expert of Asia, The CMS Project of India is a good and ambitious project that is required to manage National Security and Law Enforcement requirements of the country. However, adequate “Procedural Safeguards” must also be established in the System so that it is not abused for political and personal reasons, warns Dalal.

It is clear that the time for CMS project of India has still not come. Of course, if Indian government is still willing to waste tremendous public money on illegal and unconstitutional projects like Aadhaar, it is free to go ahead with CMS project as well. But keeping in mind the forthcoming elections and the attitude of PMO this seems to be a distant possibility.