Header image alt text

Naavi.org

Building a Responsible Cyber Society…Since 1998

The Government of India had set up a committee under the chairmanship of Mr T.K.Vishwanathan former Union Law Secretary and Secretary General, Lok Sabha to review ITA 2008. Mr Vishwanathan was the person who worked on the first draft of ITA 2000 and hence there was no better person to suggest  a comprehensive review of ITA 2000 even after its amendments in 2008. The committee also included Mr Gulshan Rai who is also a veteran in the field and has been working around ITA 2000 and ITA 2008 through out the last two decades. Hence lot of expectations had been built on the work of this committee.

Naavi.org had also provided many suggestions in its articles listed at the end of this post presuming that this would be a major amendment to ITA 2008.

In the last two days, a document is in circulation claiming to be the report submitted by the Committee. It is not clear if this is only a leaked part of the report and the report itself is more comprehensive. If however this is all the report, then we must say that this would be considered as a minor amendment to the ITA 2008.

Amendment to ITA 2008

The amendment proposed for ITA 2008 by the committee is in Section 78 of ITA 2000/8 which would now make it possible for Police officers of the rank of Sub Inspectors to be the investigating officials for offences under ITA 2000/8. In ITA 2000 the minimum level for investigation was DySPs and in ITA 2008 it was brought down to the level of Inspectors and now it has been further lowered down.

The change was inevitable since most cases involved investigations under both IPC and ITA 2000/8 and Sub Inspectors are normally the IOs for IPC crimes and hence extending their powers to ITA 2000 was perhaps necessary.

Though this would mean a higher requirement of training of Police, most of the new crop of Sub Inspectors might be conversant with technology and hence it should not be difficult for them to pick up Cyber Crime investigations faster than what DySPs were capable of in 2000.

The revised section 78 would read as under:

“Section 78 – Power to investigate offences

“78. Notwithstanding anything contained in the Code of Criminal Procedure, 1973 (2 of 1974), a police officer not below the rank of Sub-Inspector, shall investigate any offence under this Act and shall seek assistance in this regard from the District Cyber Crime Cell established under section 25C of the Code of Criminal Procedure 1973.”

Other major changes that have been suggested in the report are the changes proposed to IPC and CrPC 1973 which have an implication on Cyber Crimes as well.

Amendments to CrPc 1973

It has been reported that in view of the challenges that Police face during investigation and prosecution of Cyber Crimes, Criminal Procedure Code is being amended with the addition of two sections 25B and 25C.

Under these two sections, it is proposed that two entities may be formed namely the “State Cyber Crime Coordinators” and “District Cyber Crime Cells” to expand the investigation eco system for Cyber Crimes.

The new section 25B is proposed as under:

25B: State Cyber Crime Coordinator

(1) The State Government shall appoint an officer not below, or equivalent to, the rank of an Inspector General of Police, who shall be the Cyber Crime Coordinator of the State.

(2) The functions of the State Cyber Crime Coordinator shall be to:

(a) oversee the functioning of the District Cyber Crime Cells in the State;

(b) recommend to the State Government the procedures and best practices to be adopted by the police officers under Section 78 of the Information Technology Act, 2000 and the District Cyber Crime Cells while investigating any offence under the Information Technology Act 2000 or involving computer and electronic media under the Indian Penal Code, 1860 or any other law;

(c) oversee the training of police officers and experts in the District Cyber Crime Cells in the State;

(d) coordinate with the State Cyber Crime Coordinators of other States in case of offences under this Act that fall under the jurisdiction of two or more States; and

(e) carry out such other functions as may be specified by the State Government.”

The new Section 25C would state as under:

25C : District Cyber Crime Cells

(1) The State Government shall establish a District Cyber Crime Cell in every district to assist in the investigation of offences –

(a) under the Information Technology Act, 2000; and
(b) involving computer and electronic media under the Indian Penal Code, 1860 or any other law.

(2) The District Cyber Crime Cell shall consist of

(a) an officer not below, or equivalent to, the rank of Deputy Superintendent of Police, who shall be the head of the District Cyber Crime Cell;

(b) such number of Sub-Inspectors as the State Government may deem fit; and 

(c) at least three experts in information technology, mobile telephony, digital forensics, cyber law or such other experts with such qualifications to be appointed by the State Government in accordance with the rules made under subsection (4).

(3) The head of the District Cyber Crime Cell shall report to the State Cyber Crime Coordinator of the State through his supervisory officers.

(4) The State Government shall prescribe by rules –

(i) the manner of appointment and the terms and conditions of service or empanelment of the members of the District Cyber Crime Cells under sub section (2);
(ii)qualifications of experts under clause (c) of sub section (2).”

It is interesting to note that over the last few weeks, Naavi has been repeatedly calling for involvement of select NGOs to assist Cyber Crime Police in investigations. Attention may be drawn to the following articles in this regard.

Tomorrow is Digital Society Day of India: Let’s Resolve to Improve the Cyber Crime Complaint Management System in India

How to Relieve Cyber Police in India of needless burden and make them more focused

The suggestion from the T K Vishwanathan Committee is in tune with the spirit of the suggestions made by the undersigned and are therefore considered as a welcome move.

If the empanelment of the District Committee is done properly, it would be a great support to Police particularly in smaller towns where there is still shortage of trained manpower in the Police.

Cities and Metros may be having officers with sufficient knowledge and it would be left to the IG in charge of the State as a State Coordinator to take care of how these trained police officials will deliver. However, presence of an IG specifically for this purpose would bring about a certain focus that was perhaps not evident at present and the move may therefore be helpful.

Hence both the proposed amendments to CrPc must be considered as welcome steps and opening the doors for better things to come.

Let’s hope that right persons will occupy these new positions as “State Coordinators” so that efficiency in Cyber Crime investigation will improve.

Also, designating them as “State Coordinator” will improve the possibility of Inter State Coordination. Several years back, a move of this sort had been suggested by the undersigned to create an informal periodical meeting of Cyber Crime heads of the southern states like Karnataka, Tamil Nadu and Andhra Pradesh. Perhaps this idea may be revived in the days to come and the dream of “One Nation-One Cyber Crime Police” as envisaged by Naavi, would be a reality in the near future.

Amendments to IPC

The third set of amendments proposed by the Vishwanathan Committee is in amendments proposed in IPC probably to compensate for the removal of Sectio 66A from ITA 2008 by the Supreme Court in the Shreya Singhal Case which has been debated adnauseum on this site.

Two specific amendments have been proposed to IPC with the addition of two sections namely 153C and 505A. The amendments appear to address some of the concerns addressed by the Supreme Court in delivering its judgement for scrapping Section 66A.

The amended sections state as follows:

153 C: Prohibiting Incitement to Hatred

Whoever on grounds of religion, race, caste or community, sex, gender identity, sexual orientation, place of birth, residence, language, disability or tribe, uses any means of
communication to –
(a) gravely threaten any person or group of persons with the intention to cause fear of injury or alarm; or
(b) advocate hatred towards any person or group of persons that causes, or is likely to cause, incitement to commit an offence shall be punishable with imprisonment of either description for a term which may extend to two years or a fine up to Rs 5000, or with both.

Explanation: In this section,

(a) “means of communication” shall include any words either spoken or written, signs, visible representations, information, audio, video or combination of both transmitted, retransmitted or sent through any telecommunication service, communication device or computer resource;

(b) “telecommunication service” shall have the meaning assigned to it in clause (k) of subsection (1) of section 2 of the Telecom Regulatory Authority of India Act, 1997;

(c) “communication device” shall have the meaning assigned to it in clause (k) of subsection (1) of section 2 of the Information Technology Act 2000;

(d) “computer resource” shall have the meaning assigned to in clause (ha) of subsection (1) of section 2 of the Information Technology Act, 2000.

Section 505A states as under:

.
505 A: Causing Fear, Alarm or Provocation of Violence in Certain Cases

(1). Whoever, intentionally, on grounds of religion, race, caste or community, sex, gender, sexual orientation, place of birth, residence, language, disability or tribe, uses any means of communication to communicate-
(a) highly disparaging, indecent, abusive, inflammatory, false’ or grossly offensive information with the intention to cause fear of injury or alarm; or (b) gravely threatening or derogatory information with the intent to provoke the use of unlawful violence, against any person or group of persons, shall be punished with imprisonment for a term which may extend to one year and with fine up to Rs 5000, or both.

Explanation: In this section,

(a) “means of communication” shall include any words either spoken or written, signs, visible representations, information, audio, video or combination of both transmitted, retransmitted or sent through any telecommunication service, communication device or computer resource

(b) “telecommunication service” shall have the meaning assigned to it in clause (k) of subsection (1) of section 2 of the Telecom Regulatory Authority of India Act, 1997;

(c) “communication device” shall have the meaning assigned to it in clause (k) of subsection (1) of section 2 of the Information Technology Act 2000;

(d) “computer resource” shall have the meaning assigned to in clause (ha) of subsection (1) of section 2 of the Information Technology Act, 2000.”

Hopefully, Supreme Court would be kinder to IPC than ITA 2008 and does not interpret the amendment as “Having a Chilling Effect on Freedom of Speech” as they did earlier for Section 66A.

Introduction of these two sections should help restoration of one part of Section 66A that had been scrapped though Spamming and Phishing as well as Cyber Stalking may not be adequately covered in the new provisions as what Section 66A did.

However, some thing is better than nothing and therefore these amendments are also welcome.

Overall, though the amendments appear to be too few and many other issues have been left out, what has been attempted will bring about some positive changes in improving the Cyber Crime eco system in the country.

We have to however wait and see when these recommendations actually translate into an Act and whether it would be further changed or diluted before it is passed into a law.

Naavi

Related Articles

Proposed Amendments to ITA 2000 and Privacy Protection

Redefining the scope of ITA 2008.. in the amendments..

Suggestions on Modification of ITA 2008

Domain Name Regulation in ITA 2000..to be amended






17th October is an important date for the Digital India. It was on this day in 2000, that India notified the Information Technology Act 2000 and brought for the first time, Legal Recognition for binary expressions or electronic documents.

As a result of this, just as Independent India came into being on August 15, 1947, a Judicially recognized “Digital Society of India” came into being from 17th October 2000. Prior to this an “Electronic Document” was not recognized in law. Hence whether it was a web page or an e-mail or a computer generated document, they had no validity as a legal evidence. Crimes done with electronic documents could not be proved under the normal laws. Business could not go to Court with their disputes based on electronic documents.

All this changed on 17th October 2000 when electronic documents or more specifically, binary expressions which the computer like devices could read and interpret became as valid as a “Paper” writings on which could be seen and interpreted by law. This legal recognition of electronic document along with legal recognition of authentication through digital signatures brought in the possibility of valid digital contracts into business transactions and gave a legal support to E Commerce.

Though there has been a further amendment to ITA 2000 in 2008, and one more is now under consideration, the fundamental change in the society could be ascribed to the ITA 2000 providing recognition to Electronic Document and authentication with which we have a “Digital Person”, “Digital Identity” and “Digital Transaction” that has the recognition in law.

Recognizing this important change in the society, Naavi has been advocating that this day namely the 17th October should be recognized and celebrated by India as the “Digital Society Day” and each of us should undertake such activities as would be beneficial to the Digital/Cyber Society of India.

Unfortunately, the Government is yet to recognize the importance of this day and hence we donot see any focussed activity to celebrate this day just as we celebrate other important days such as the “Privacy Day” etc. This itself indicates that we are yet to fully appreciate what a great change was brought to India on 17th October 2000. Today’s “Digital India” concept would not be a reality but for the laws that came into being on 17th October 2000.

We hope, if not this year, at least in the coming years, Government of India declares 17th October as the “Digital Society Day” and undertake special projects across law colleges and other academic institutions  that highlight the motto “Let’s Build a Responsible Cyber Society”.

Naavi.org has been highlighting different aspects of the Cyber Society for focus each year. Last year it was an year in which we said we need to fight Ransomware.

This year we dedicate ourselves to working for the “Improvement of the Cyber Crime Complaint Management System in India “.

Improving the Cyber Crime Complaint Management System recognizes that the present system where Cyber Crime victims lodge their complaints with the Police and wait for the resolution is not working well.

There is definitely the problem of “Awareness” of law both with the public, the Police or the Judiciary. This is being addressed by various institutions including the NPA and Judicial Academy. But awareness is not the whole problem.

However, beyond the creation of awareness, the next goal should be to check  how the knowledge and awareness converts into practical benefit to the society and how the Cyber Crime victims are responded to by the Police when they approach the Police Stations.

We should ask ourselves, whether it is only the lack of awareness which is causing a displeasure for the Cyber Crime victims or the “Reluctance” to handle the complaints that is increasingly becoming a cause of concern.

Naavi uses the Pentagon Model theory of Information Security Motivation in implementation of Information Security in organizations which includes five elements to be present simultaneously for Information Security practices to emerge in an organization. They are

a) Awareness: of Why, What and How

b) Acceptability: that it is required for self and society

c) Availability: of tools required to implement

d) Mandate: By law and internal policies

e) Inspiration: Created by specific programs

These five principles are like the five walls of a pentagon which should close properly for Information Security to be implemented.

The same principle also applies to the implementation of proper methods to improve the Cyber Crime Complaint Management System in our Law enforcement.

It is Naavi’s observation that we need to  improve this system of quick and effective response from the Cyber Crime Policing System if public are to be satisfied.

I urge academic institutions across the Country and the NGOs to undertake projects to identify the problems of Cyber Crime Victims in getting their disputes heard and resolved through as many activities as possible during the year so that we can move towards a better management of Cyber Crime complaints in the coming days.

Any suggestions and papers received in this regard for publications on Naavi.org is welcome.

Naavi