Let's Build a Responsible Cyber Society

Indian Pseudo Cyber Security Activists..all set to play a fraud on the society

Two new legislations being contemplated in USA indicate the raise of new thoughts in Cyber Space regulations which will in due course contribute to the cumulative knowledge of  "Cyber Jurisprudence".  One is the proposed legislation for "Monitoring of ISPs" and the other is the banning of social networking sites from access in libraries etc.

Let us now look at the raising demand for "Mandatory Monitoring of ISPs" despite the cry of Infringement of Privacy Invasion". USA is already known to monitor Internet through the "Carnivore" which enables them to monitor data flow through ISPs. This is mainly used to regulate terrorist activities. Though terrorists have since moved to other forms of communication on the internet without data flow or using strong steganographic or encryption techniques, packet sniffing at ISP level with Carnivore type software has become an important tool for cyber crime management. In India though this technique is reported to be in use in certain cases, a wider use is still not in place. With the growth of Naxalism  and Cyber Cafe misuse, it may not be long before Police start using a "Carnivore" for its "Cyber Intelligence" network.

Additionally, similar software is already available for Cyber Cafe monitoring and Mobile Network monitoring and it will not be long before the use of such monitoring devices become more widespread. In India where the "Privacy Laws" are not strict and there is a long history of terrorist activities, there is unlikely to be much opposition to any moves regarding "ISP Snooping" from the public.

However, just like "Pseudo Secularists" have been redefining the concept of "Secularism" and equate "Call for Mercy for Afzal" with "Patriotism" and "Call for singing Vande Mataram" as "Anti National", "Pseudo Cyber Security Activists" have been calling for more freedom for ISPs in India and making them "Immune to any legal obligations". There is also a move to remove power of interception of electronic communication for prevention of crimes under IPC. Perhaps the Pseudo Cyber Security Activists consider this as a support for "Cyber Freedom" and a part of the democratic traditions.

These following changes  proposed through the amendments to Information Technology Act 2000 highlight these ill advised move to provide immunity to ISPs and restrict the powers of electronic interception.

Present Provisions as per ITA-2000 Proposed Provisions as per Amendments approved by the Cabinet committee and to be put up for the approval of the Parliament

Section 79: Network Service Providers not to be liable in certain cases

For the removal of doubts, it is hereby declared that no person providing any service as a Network Service Provider shall be liable under this Act, rules or regulations made thereunder for any third party information or data made available by him if he proves that the offence or contravention was committed without his knowledge or that he had exercised all due diligence to prevent the commission of such offence or contravention.

Explanation.  - For the purposes of this section

(a) Network Service Provider" means an intermediary

(b) "Third Party Information" means any information dealt with by a network   service provider in his capacity as an intermediary

79*. Exemption from liability of intermediary in certain cases

1.An “Intermediary” shall not be liable under any law for the time being in force, for any third party information, data, or link made available by him, except when the intermediary has conspired or abetted in the commission of the unlawful act.

2.The provisions of sub-section (1) shall apply in circumstances including but not limited to where:

a. Intermediary’s function is limited to giving access to a communication network over which information made available by third parties is transmitted or temporarily stored; or The intermediary: (i) does not initiate the transmission, (ii) does not select the receiver of the transmission, and (iii) does not select or modify the information contained in the transmission.

3) The provisions of sub-section (1) shall not apply if, upon receiving actual knowledge of, or being notified by the Central Government or its agency that any information, data or link residing on a computer resource controlled by the intermediary is being used to commit the unlawful act, the intermediary fails expeditiously to remove or disable access to that material on that resource.

Explanation: For the purpose of this section:-

a)Term ‘Intermediary’ has been defined in Chapter I, Section 2(w).

b)‘Intermediary’ shall include, but not limited to, telecom service providers, network service providers, Internet service providers, web-hosting service providers, search engines  including on-line auction sites, online-market places, and Cyber Cafes.

c) Third Party Information’ means any information dealt with by an intermediary in his capacity as an intermediary.

Section 69: Directions of Controller to a subscriber to extend facilities to decrypt information

(1) If the Controller is satisfied that it is necessary or expedient so to do in the interest of the sovereignty or integrity of India, the security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence, for reasons to be recorded in writing, by order, direct any agency of the Government to intercept any information transmitted through any computer resource

(2) The subscriber or any person incharge of the computer resource shall, when called upon by any agency which has been  directed under sub-section (1), extend all facilities and technical assistance to decrypt the information.

The subscriber or any person who fails to assist the agency referred to in sub-section (2) shall be punished with an imprisonment for a term which may extend to seven years

Section 69*:Power to issue directions for interception or monitoring or decryption of any information through any computer resource

(1) If the Controller Central Government is satisfied that it is necessary or expedient so to do in the interest of the sovereignty or integrity of India, security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence, it may subject to the provisions of sub-section (2), for reasons to be recorded in writing, by order, direct any agency of the government to intercept or decrypt or cause to be monitored any information transmitted through any computer resource

(2) The Central Government shall prescribe safeguards subject to which such interceptions or monitoring may be done.

(2) (3) The subscriber or any person in-charge of the computer resource shall, when called upon by any agency which has been directed under sub-section (1), extend all facilities and technical assistance

(a)  to decrypt the information; or

(b) provide access to the computer resource containing such information

(3) (4) The subscriber or any person who fails to assist the agency referred to in sub-section (2) (3) shall be punished with an imprisonment for a term which may extend to seven years.

While the countries with stringent records of Privacy Protection and Freedom of Speech are reconciling to the fact that in the emerging terror stricken world there is a need for new "Jurisprudence" where "Curbing of some freedom" is essential for protection of democracy, it is strange that in India there is an attempt to provide a better shield to the Intermediaries made possible by the Indian Pseudo Cyber Security Activists who are projecting the amendments as beneficial to the society. It is therefore with pain that we must say that the attempt is a fraud on the Indian society.

Send Your Views here

Naavi

October 30 , 2006

Related Article:

Congress may consider mandatory ISP snooping..news.com