ITA 2008 Compliance Blanket for Cyber Cafes
The terror mail threat received by the Sri Lankan
Cricket team before the Ahmedabad Test has once again brought focus on the
Cyber Cafes. The mail was sent from a Cyber Café in Chattisgarh and
promptly the Police have arrested the Cyber Café owner. For records, Police
are happy that an arrest has been made but it is unlikely to lead to the
finding of the real culprit since the Cyber Café may not be maintaining
This is a typical scenario in respect of all crimes of
this nature where a Cyber Café is used for sending e-mails by terrorists or
With the introduction of the ITA 2008 (ITA 2000 amended
with effect from October 27, 2009), the responsibilities of Cyber Café
owners have only increased. In the event they fail to maintain a “Due
Diligence” plan for the Cyber Café, they run the risk of being accused
directly for such crimes as above or for “Vicarious Liabilities” under
different sections of ITA 2008 such as Section 67C, Sec 69,69A,69B etc.
Cyber Café owners as a category are therefore worried
because they are caught in the crossfire between the terrorists and
naxalites on the one side and the State on the other side.
One obvious reaction to this is to blame the Police for
the wrongful arrest. Though the arrest may be faulted under the sections
relating to say Section 66A (sending threatening e-mails) or Section 66F
(Cyber Terrorism), arrest can be justified when read along with Section 85
and a failure of defense under Section 79.
Though ITA 2008 has been notified with effect from
October 27, 2009, the rules regarding Cyber Café regulations have not been
notified separately by the Government. It is expected that specific rules
would be notified before December 2009 in this regard.
In the meantime, Cyber Cafes need to follow “Due
Diligence” in a manner that is considered as “What a prudent man under
similar circumstances” would do. The undersigned has developed a security
framework under ITA 2008 which applies even to Cyber Cafes under which
Cyber Cafes are audited and certified for Cyber law Compliance. This could
be one option available to the Cyber Café owners.
In Bangalore, recently the Police started promoting a
software for Cyber Cafes which is supposed to maintain Visitor’s registers
as per the Karnataka Cyber Café regulations notified in 2004. Though this
is touted as ITA 2008 compliant, and Cyber Café owners are being urged by
the Police to install the software, it is necessary for the Cyber Café
owners to realize that this software by itself may not be fully compliant
with ITA 2008 prescriptions and the Cyber Café owners may need to
supplement the software with other initiatives.
Cyber Café owners in Bangalore are perhaps being pushed
to a false sense of compliance by the Police in this regard. In fact the
software is being promoted by the Police department outside the Cyber Crime
Police Station where as the current Cyber Café regulations in Karnataka
designate the Cyber Crime Police Station under COD as the designated
authority for regulating Cyber Cafes. While one appreciates the enthusiasm
of the Police in regulating Cyber Cafes, it is necessary to suggest that it
is better if the implementation itself is compliant to ITA 2008.
Now it is the turn of Chattisgarh Police to perhaps
think of effective Cyber Café regulations in their state. At the same time
it is time for the Cyber Cafe owners in Chattisgarh to face the challenge
that will be thrown at them in the process.
I hope that the Cyber Cafes in Chattisgarh immediately
organize themselves into a coordinated group, introduce voluntary
compliance measures and save their fraternity from being arrested whenever
e-mails are sent from their network. They need to draw a “ITA 2008
compliance Blanket” over the Cyber Café network to protect themselves and
also simultaneously assist the Police in investigation of such cases.
The undersigned has developed such an “ITA 2008
Compliance Blanket for Cyber Cafes” which satisfies the needs of the
Police and frees the Cyber Café owners from harassment. The details of the
security blanket cannot be discussed over a public forum but if the Police
in Chattisgarh and the Cyber Café owners are both interested in a
cooperative format for developing the security, Naavi.org would be happy to
This is the need of the hour for sustaining the
business of Cyber Cafes in India as we can neither prevent criminals from
using the Cyber Café network nor the Police from blaming the Cyber Café
owners for negligence.
November 15, 2009
Comments are Welcome at