Naavi.org

The Government of India had set up a committee under the chairmanship of Mr T.K.Vishwanathan former Union Law Secretary and Secretary General, Lok Sabha to review ITA 2008. Mr Vishwanathan was the person who worked on the first draft of ITA 2000 and hence there was no better person to suggest  a comprehensive review of ITA 2000 even after its amendments in 2008. The committee also included Mr Gulshan Rai who is also a veteran in the field and has been working around ITA 2000 and ITA 2008 through out the last two decades. Hence lot of expectations had been built on the work of this committee.

Naavi.org had also provided many suggestions in its articles listed at the end of this post presuming that this would be a major amendment to ITA 2008.

In the last two days, a document is in circulation claiming to be the report submitted by the Committee. It is not clear if this is only a leaked part of the report and the report itself is more comprehensive. If however this is all the report, then we must say that this would be considered as a minor amendment to the ITA 2008.

Amendment to ITA 2008

The amendment proposed for ITA 2008 by the committee is in Section 78 of ITA 2000/8 which would now make it possible for Police officers of the rank of Sub Inspectors to be the investigating officials for offences under ITA 2000/8. In ITA 2000 the minimum level for investigation was DySPs and in ITA 2008 it was brought down to the level of Inspectors and now it has been further lowered down.

The change was inevitable since most cases involved investigations under both IPC and ITA 2000/8 and Sub Inspectors are normally the IOs for IPC crimes and hence extending their powers to ITA 2000 was perhaps necessary.

Though this would mean a higher requirement of training of Police, most of the new crop of Sub Inspectors might be conversant with technology and hence it should not be difficult for them to pick up Cyber Crime investigations faster than what DySPs were capable of in 2000.

The revised section 78 would read as under:

“Section 78 – Power to investigate offences

“78. Notwithstanding anything contained in the Code of Criminal Procedure, 1973 (2 of 1974), a police officer not below the rank of Sub-Inspector, shall investigate any offence under this Act and shall seek assistance in this regard from the District Cyber Crime Cell established under section 25C of the Code of Criminal Procedure 1973.”

Other major changes that have been suggested in the report are the changes proposed to IPC and CrPC 1973 which have an implication on Cyber Crimes as well.

Amendments to CrPc 1973

It has been reported that in view of the challenges that Police face during investigation and prosecution of Cyber Crimes, Criminal Procedure Code is being amended with the addition of two sections 25B and 25C.

Under these two sections, it is proposed that two entities may be formed namely the “State Cyber Crime Coordinators” and “District Cyber Crime Cells” to expand the investigation eco system for Cyber Crimes.

The new section 25B is proposed as under:

“25B: State Cyber Crime Coordinator

(1) The State Government shall appoint an officer not below, or equivalent to, the rank of an Inspector General of Police, who shall be the Cyber Crime Coordinator of the State.

(2) The functions of the State Cyber Crime Coordinator shall be to:

(a) oversee the functioning of the District Cyber Crime Cells in the State;

(b) recommend to the State Government the procedures and best practices to be adopted by the police officers under Section 78 of the Information Technology Act, 2000 and the District Cyber Crime Cells while investigating any offence under the Information Technology Act 2000 or involving computer and electronic media under the Indian Penal Code, 1860 or any other law;

(c) oversee the training of police officers and experts in the District Cyber Crime Cells in the State;

(d) coordinate with the State Cyber Crime Coordinators of other States in case of offences under this Act that fall under the jurisdiction of two or more States; and

(e) carry out such other functions as may be specified by the State Government.”

The new Section 25C would state as under:

“25C : District Cyber Crime Cells

(1) The State Government shall establish a District Cyber Crime Cell in every district to assist in the investigation of offences –

(a) under the Information Technology Act, 2000; and
(b) involving computer and electronic media under the Indian Penal Code, 1860 or any other law.

(2) The District Cyber Crime Cell shall consist of

(a) an officer not below, or equivalent to, the rank of Deputy Superintendent of Police, who shall be the head of the District Cyber Crime Cell;

(b) such number of Sub-Inspectors as the State Government may deem fit; and 

(c) at least three experts in information technology, mobile telephony, digital forensics, cyber law or such other experts with such qualifications to be appointed by the State Government in accordance with the rules made under subsection (4).

(3) The head of the District Cyber Crime Cell shall report to the State Cyber Crime Coordinator of the State through his supervisory officers.

(4) The State Government shall prescribe by rules –

(i) the manner of appointment and the terms and conditions of service or empanelment of the members of the District Cyber Crime Cells under sub section (2);
(ii)qualifications of experts under clause (c) of sub section (2).”

It is interesting to note that over the last few weeks, Naavi has been repeatedly calling for involvement of select NGOs to assist Cyber Crime Police in investigations. Attention may be drawn to the following articles in this regard.

Tomorrow is Digital Society Day of India: Let’s Resolve to Improve the Cyber Crime Complaint Management System in India

How to Relieve Cyber Police in India of needless burden and make them more focused

The suggestion from the T K Vishwanathan Committee is in tune with the spirit of the suggestions made by the undersigned and are therefore considered as a welcome move.

If the empanelment of the District Committee is done properly, it would be a great support to Police particularly in smaller towns where there is still shortage of trained manpower in the Police.

Cities and Metros may be having officers with sufficient knowledge and it would be left to the IG in charge of the State as a State Coordinator to take care of how these trained police officials will deliver. However, presence of an IG specifically for this purpose would bring about a certain focus that was perhaps not evident at present and the move may therefore be helpful.

Hence both the proposed amendments to CrPc must be considered as welcome steps and opening the doors for better things to come.

Let’s hope that right persons will occupy these new positions as “State Coordinators” so that efficiency in Cyber Crime investigation will improve.

Also, designating them as “State Coordinator” will improve the possibility of Inter State Coordination. Several years back, a move of this sort had been suggested by the undersigned to create an informal periodical meeting of Cyber Crime heads of the southern states like Karnataka, Tamil Nadu and Andhra Pradesh. Perhaps this idea may be revived in the days to come and the dream of “One Nation-One Cyber Crime Police” as envisaged by Naavi, would be a reality in the near future.

Amendments to IPC

The third set of amendments proposed by the Vishwanathan Committee is in amendments proposed in IPC probably to compensate for the removal of Sectio 66A from ITA 2008 by the Supreme Court in the Shreya Singhal Case which has been debated adnauseum on this site.

Two specific amendments have been proposed to IPC with the addition of two sections namely 153C and 505A. The amendments appear to address some of the concerns addressed by the Supreme Court in delivering its judgement for scrapping Section 66A.

The amended sections state as follows:

“153 C: Prohibiting Incitement to Hatred

Whoever on grounds of religion, race, caste or community, sex, gender identity, sexual orientation, place of birth, residence, language, disability or tribe, uses any means of
communication to –
(a) gravely threaten any person or group of persons with the intention to cause fear of injury or alarm; or
(b) advocate hatred towards any person or group of persons that causes, or is likely to cause, incitement to commit an offence shall be punishable with imprisonment of either description for a term which may extend to two years or a fine up to Rs 5000, or with both.

Explanation: In this section,

(a) “means of communication” shall include any words either spoken or written, signs, visible representations, information, audio, video or combination of both transmitted, retransmitted or sent through any telecommunication service, communication device or computer resource;

(b) “telecommunication service” shall have the meaning assigned to it in clause (k) of subsection (1) of section 2 of the Telecom Regulatory Authority of India Act, 1997;

(c) “communication device” shall have the meaning assigned to it in clause (k) of subsection (1) of section 2 of the Information Technology Act 2000;

(d) “computer resource” shall have the meaning assigned to in clause (ha) of subsection (1) of section 2 of the Information Technology Act, 2000.

Section 505A states as under:

.
“505 A: Causing Fear, Alarm or Provocation of Violence in Certain Cases

(1). Whoever, intentionally, on grounds of religion, race, caste or community, sex, gender, sexual orientation, place of birth, residence, language, disability or tribe, uses any means of communication to communicate-
(a) highly disparaging, indecent, abusive, inflammatory, false’ or grossly offensive information with the intention to cause fear of injury or alarm; or (b) gravely threatening or derogatory information with the intent to provoke the use of unlawful violence, against any person or group of persons, shall be punished with imprisonment for a term which may extend to one year and with fine up to Rs 5000, or both.

Explanation: In this section,

(a) “means of communication” shall include any words either spoken or written, signs, visible representations, information, audio, video or combination of both transmitted, retransmitted or sent through any telecommunication service, communication device or computer resource

(b) “telecommunication service” shall have the meaning assigned to it in clause (k) of subsection (1) of section 2 of the Telecom Regulatory Authority of India Act, 1997;

(c) “communication device” shall have the meaning assigned to it in clause (k) of subsection (1) of section 2 of the Information Technology Act 2000;

(d) “computer resource” shall have the meaning assigned to in clause (ha) of subsection (1) of section 2 of the Information Technology Act, 2000.”

Hopefully, Supreme Court would be kinder to IPC than ITA 2008 and does not interpret the amendment as “Having a Chilling Effect on Freedom of Speech” as they did earlier for Section 66A.

Introduction of these two sections should help restoration of one part of Section 66A that had been scrapped though Spamming and Phishing as well as Cyber Stalking may not be adequately covered in the new provisions as what Section 66A did.

However, some thing is better than nothing and therefore these amendments are also welcome.

Overall, though the amendments appear to be too few and many other issues have been left out, what has been attempted will bring about some positive changes in improving the Cyber Crime eco system in the country.

We have to however wait and see when these recommendations actually translate into an Act and whether it would be further changed or diluted before it is passed into a law.

Naavi

Related Articles

Proposed Amendments to ITA 2000 and Privacy Protection

Redefining the scope of ITA 2008.. in the amendments..

Suggestions on Modification of ITA 2008

Domain Name Regulation in ITA 2000..to be amended

17th October is an important date for the Digital India. It was on this day in 2000, that India notified the Information Technology Act 2000 and brought for the first time, Legal Recognition for binary expressions or electronic documents.

As a result of this, just as Independent India came into being on August 15, 1947, a Judicially recognized “Digital Society of India” came into being from 17th October 2000. Prior to this an “Electronic Document” was not recognized in law. Hence whether it was a web page or an e-mail or a computer generated document, they had no validity as a legal evidence. Crimes done with electronic documents could not be proved under the normal laws. Business could not go to Court with their disputes based on electronic documents.

All this changed on 17th October 2000 when electronic documents or more specifically, binary expressions which the computer like devices could read and interpret became as valid as a “Paper” writings on which could be seen and interpreted by law. This legal recognition of electronic document along with legal recognition of authentication through digital signatures brought in the possibility of valid digital contracts into business transactions and gave a legal support to E Commerce.

Though there has been a further amendment to ITA 2000 in 2008, and one more is now under consideration, the fundamental change in the society could be ascribed to the ITA 2000 providing recognition to Electronic Document and authentication with which we have a “Digital Person”, “Digital Identity” and “Digital Transaction” that has the recognition in law.

Recognizing this important change in the society, Naavi has been advocating that this day namely the 17th October should be recognized and celebrated by India as the “Digital Society Day” and each of us should undertake such activities as would be beneficial to the Digital/Cyber Society of India.

Unfortunately, the Government is yet to recognize the importance of this day and hence we donot see any focussed activity to celebrate this day just as we celebrate other important days such as the “Privacy Day” etc. This itself indicates that we are yet to fully appreciate what a great change was brought to India on 17th October 2000. Today’s “Digital India” concept would not be a reality but for the laws that came into being on 17th October 2000.

We hope, if not this year, at least in the coming years, Government of India declares 17th October as the “Digital Society Day” and undertake special projects across law colleges and other academic institutions  that highlight the motto “Let’s Build a Responsible Cyber Society”.

Naavi.org has been highlighting different aspects of the Cyber Society for focus each year. Last year it was an year in which we said we need to fight Ransomware.

This year we dedicate ourselves to working for the “Improvement of the Cyber Crime Complaint Management System in India “.

Improving the Cyber Crime Complaint Management System recognizes that the present system where Cyber Crime victims lodge their complaints with the Police and wait for the resolution is not working well.

There is definitely the problem of “Awareness” of law both with the public, the Police or the Judiciary. This is being addressed by various institutions including the NPA and Judicial Academy. But awareness is not the whole problem.

However, beyond the creation of awareness, the next goal should be to check  how the knowledge and awareness converts into practical benefit to the society and how the Cyber Crime victims are responded to by the Police when they approach the Police Stations.

We should ask ourselves, whether it is only the lack of awareness which is causing a displeasure for the Cyber Crime victims or the “Reluctance” to handle the complaints that is increasingly becoming a cause of concern.

Naavi uses the Pentagon Model theory of Information Security Motivation in implementation of Information Security in organizations which includes five elements to be present simultaneously for Information Security practices to emerge in an organization. They are

a) Awareness: of Why, What and How

b) Acceptability: that it is required for self and society

c) Availability: of tools required to implement

d) Mandate: By law and internal policies

e) Inspiration: Created by specific programs

These five principles are like the five walls of a pentagon which should close properly for Information Security to be implemented.

The same principle also applies to the implementation of proper methods to improve the Cyber Crime Complaint Management System in our Law enforcement.

It is Naavi’s observation that we need to  improve this system of quick and effective response from the Cyber Crime Policing System if public are to be satisfied.

I urge academic institutions across the Country and the NGOs to undertake projects to identify the problems of Cyber Crime Victims in getting their disputes heard and resolved through as many activities as possible during the year so that we can move towards a better management of Cyber Crime complaints in the coming days.

Any suggestions and papers received in this regard for publications on Naavi.org is welcome.

Naavi

Today’s Times of India, Bangalore edition carries a full page Ad asking public to “Invest in Crypto Currency this festive season”

The publication is an advertorial feature under the name of Prafull Sawant with email ID response.mumbai@timesgroup.com.

The feature promotes Bitcoin as an “investible digital currency” and speaks of 300% appreciation, not likely to come down in value etc.

Though a mention has been made that RBI has cautioned user’s against the risks, the perception sought to be created by this ad is clearly to promote Crypto currencies and Bitcoin as an alternative to digital payment systems.

The Advertisement is unethical and the Advertisement Council of India should also look into it and take appropriate action.

In the meantime, it seems that the advertisers “ico.iworldonline.com” appear to have clearly dared Mr Narendra Modi, Amit Shah and Arun Jaitely speaking about elimination of Black money from India. Mr Modi and others should realize that we cannot allow promotion of Bitcoin and at the same breath talk of eliminating Black money.

Also note that the advertisement is coming from an “ico” umbrella. The domain has been registered by one “Alex Fedosseev, of , San Jose California” who maintains the site shown below.

This indicates that this advertiser is interested in promoting Initial Coin Offerings of other Crypto Currencies also.

The URL given in the advertisement also redirects to the following page.

This is a recipe for disaster as far as investors are concerned.

RBI and Finance Ministry cannot allow this promotion.

If therefore no action is taken immediately to stop this promotion, I would consider Mr Arun Jaiteley as Finance Minister and Mr Urjit Patel as RBI Governor personally liable for any losses that investors may suffer as a consequence of this advertisement.

I have separately sent e-mail notices to the concerned persons.

If Mr Modi cannot save India from Bitcoins, then we can only ask God to save India.

I wish other persons who genuinely are concerned with “Honest Tax payer’s Concerns” take this up further to those in the Government who seem to be deaf and dumb in this respect.

Naavi

I invite reference to the  Report discussing the observations of the Supreme Court in the Civil Appeal No 179 of 2017, Nabha Power Limited  Vs  Punjab State Power Corporation Ltd.

The judgement has discussed several aspects of contracts which is very important for the community of web users and E Commerce to note. Naavi.org has discussed this on different occasions including the previous occasion when we discussed the Shapoorji Pallonji e-tender issue

In particular, there is a clear opinion on the “Express Terms of a Contract” and the “Implied Terms of a Contract” which are important in interpreting the online web contracts which have become ubiquitous.

The judgement refers to the principles to be considered when there is an express contract along with which the implied terms such as

1. What the parties have expressed in the contract;
2. An implied term is not to be added because the Court thinks it would have been reasonable to have inserted it in the contract.
3. A term can only be implied if it is necessary in the business sense to give efficacy to the contract;

It was also observed that ” danger lies, however, in detaching the phrase “necessary to give business efficacy” from the basic process of construction of the instrument.”

Finally the  Supreme Court  arrived at a 5 condition test indicating when “Implied terms” may be taken note of over and above the “Express Terms” in a commercial contract. The five principles are,

1. Interpretation should be reasonable and equitable
2. Necessary to give business efficacy to the contract
3. Meet the officious Bystander Test *
4. Capable of clear expression
5. Must not contradict any express terms of the contract

(Officacious Bystander Test: A suggested approach  to imagine a nosey, officious bystander walking past two contracting parties and asking them whether they would want to put some express term into the agreement. If the parties would instantly retort that such a term is “of course” already mutually part of the agreement then it is apt for implication)

However, The explicit terms of a contract are always the final word with regards to the intention of the parties. The multi-clause contract inter se the parties has, thus, to be understood and interpreted in a manner that any view, on a particular clause of the contract, should not do violence to another part of the contract.

The Court went on to conclude

“We may, however, in the end, extend a word of caution. It should certainly not be an endeavour of commercial courts to look to implied terms of contract. In the current day and age, making of contracts is a matter of high technical expertise with legal brains from all sides involved in the process of drafting a contract. It is even preceded by opportunities of seeking clarifications and doubts so that the parties know what they are getting into.

Thus, normally a contract should be read as it reads, as per its express terms.

The implied terms is a concept,which is necessitated only when the Penta-test referred to aforesaid comes into play. There has to be a strict necessity for it. In the present case, we have really only read the contract in the manner it reads.”

In the above judgement there was an express contract and the dispute was on the interpretation of some of the terms of contract where the “implied” interpretations came to the discussion table.

In the web contracts, the problem is that most of us use an online disclosure of terms and get the party whom we want to bind in a contract to simply click a hyper link which says “I ACCEPT” or such other words which imply that the person is signing off on the contract as presented. However, in India, since electronic documents need to carry a Digital Signature or an e-Sign, the web based “Click Wrap Contract” cannot be considered as equivalent to an express contract signed by parties to the contract. However it can be considered as an “Implied Contract” since by the circumstances and action of parties a contract can be implied. However when there is a dispute, the contract on the web which is not equivalent to a written contract under our law becomes a standard form contract which can be challenged as “unconscionable” if the terms are unreasonable.

In the subject judgement, Supreme Court has clarified that it will give weightage to the express contract and not the implied contract when there is a valid “Express Contract”. When there is no valid “Express Contract” a question will arise as to how the Supreme Court would interpret the “Implied Contract”.

May be we have to wait for some future time when another Supreme Court order may clarify this but if the Court gives validity to an “Undigitally signed electronic document” as if it is a valid contractual document, then it would be violating the requirements of ITA 2000/8. Hence it will have to disregard the existence of the web contract altogether and take it as an “Implied Contract” where only the “Penta-Test” will be the barometer that would determine every clause of the contract which is trying to be enforced.

This is an interesting challenge which will have to be tackled by every e-commerce consumer.

It is here that CEAC-Evidence Drop Box concept may come to the assistance of the consumer.

Naavi

We all agree that use of Cyber space by Common people is on the increase and has reached a level where we are worried about the internet/Mobile addiction and its adverse impact on the society. Government itself is encouraging a higher use of Internet through the Digital India program. E Commerce is also developing into a business model that is pushing the Citizens into online shopping and mobile Banking in a big way.

This is therefore a fertile ground for Criminals to take to Cyber Criminal activities and the Cyber Crime industry to grow faster than any other genuine business.

This will be the biggest headache for the Governments both at the Central and State level and needs to be addressed at the earliest. Despite the higher Cyber Crime and Cyber Security risks, the future is  where the population will take up to Internet even more.

Hence we need to learn to live with Cyber Crimes and find solutions on how to shield ourselves to the extent possible.

When the Citizen of the country faces any crime situation, the first friend he looks out is the Police. Hence whenever any citizen faces a problem arising out of Cyber Space, he will approach the Police for a solution. Cyber Crime police therefore have become the most sought after police personnel by the public.

However, the number of Cyber Crime cases are so huge that the Cyber Crime Police everywhere feel that they are over burdened and unable to do justice to their job. The requirement of building adequate skills are being addressed by different agencies within the Government including National Police Academy, along with the assistance of NASSCOM, DSCI, CDAC etc. to the extent possible. But the requirements are so huge that there will always be need to do more in this respect.

Governments in Center and States have not yet considered “Cyber Space Policing” as some thing which should be in the domain of “National Policing Structure” and clinging on to the age old concept of “Policing is a State Subject”. For border less crimes like Cyber Crimes, Policing have to be integrated at the International level but we are struggling here with a need for coordination within India. Just as we have brought a federal management structure for GST, we need to bring a”Federal Cyber Crime Management Council” under the Home Ministry to address the requirements of the Cyber Crime Policing and ensure that there is a single Cyber Policing authority for the whole country.

“One Country one Police” should be implemented at least in the Cyber Crime scenario.

We wish that Mr Rajanath Singh has the same acumen as Arun Jaitely to bring about this reform in the coming days.

In the current structure, Cyber Crime Police are working with a systemic disadvantage even to work within their current skill levels and hence it is becoming increasingly difficult for them to manage complaints from public.

Public will not be able to understand and even if so, appreciate the difficulties of Cyber Crime policing and increasingly feel that their complaints are not addressed by the Police.

At the same time Police will continuously feel justified in rejecting Cyber Crime complaints because they know that they have no time to look into every complaint.

When we take note that even in celebrity cases like Hrithik Roshan complaint against Kangana Ranaut, the progress is slow, one can wonder how badly equipped are the Police in handling the volumes.

While Supreme Court and Legal luminaries are more worried about issues like “Privacy”, no body seems to consider that

it is a Fundamental Right of a Citizen of a Country to get his complaints heard by the Police.

The sense of “Security” that a citizen is entitled to, comes from the feeling that if he is facing discomfort from  a wrongful action from another, he can run to the Police for help and help will be available immediately.

Are Cyber Crime Police today capable of providing such security?.. The answer is clear and resounding “No”. Cyber Crime police stations are overwhlemed with cases and jurisdictional police stations lack expertise  and hence complaints just end up as “Acknowledgements” and most of the time confined to dust bins without any investigation.

If this situation is not addressed, soon people will stop even approaching the Police and start approaching private hackers to take their revenge. Just as we have allowed “Naxalism” to grow in the physical society, we will be seeding “Cyber Naxalism”.

Ten years from now the same Cyber Crime Police will be fighting more of Cyber Naxalism than affording protection to genuine Netizens.

We therefore need to act in such a manner that the burden of Cyber Crime Police is brought down (even while efforts to increase the work force may continue). The Capacity building that DSCI is trying to do through setting up of Cyber Labs need to continue but will not be sufficient to meet the requirements of the society.

Public will therefore continue to feel that Cyber Crime police are incapable and uninterested.

I request all my friends in the Police to respond with suggestions on how we can relieve the Cyber Crime Police from such tasks that are today taking up most of their times but is not resulting in the satisfaction of the complainants.

It is in this context that in the previous article  on Social media abuse, Naavi.org  pointed out that the solution lies with the intermediaries like Google and ISPs to shed their practice of “Hiding the IP address” and “Requiring Police or Judicial intervention for revealing the identity of e-mail senders and domain name owners”.

We know that these ISPs are not keen on considering Citizen’s interests but are more concerned about the rights of Criminals. It is like our Human rights organizations who are more concerned about the victims of police atrocities but not when Police or Army are itself victims of Abuses.

We therefore suggest Supreme Court hearing the petition on Social Media Abuse should take action as suggested herein.  The Home Ministry and the IT Ministry should advise the Attorney General to request the Supreme Court to mandate some of the suggestions which I have tried to make here and in my earlier article on Social Media abuse.

What I have pointed out in this article which I would like to reiterate is that

1. ISPs like Google should provide the “Originating IP Address” with all e-mails going out of their system. “Hiding IP Address by ISPs” should be considered as”Abetment to Spamming” and should be discontinued forthwith.
2. The ISPs in India should introduce a mechanism where by any person who is a recipient of an electronic message can file an e-mail request with the ISP to seek information of the sender to the last level of name and address of the IP address owner. 
3. Other network owners should also be compelled to introduce similar measures where by they should provide the information of the identity of the sender of a message when the request is made in a proper manner.

Any non cooperation in this respect should be recognized as an offence.

Presently, under Section 69B, the Secretary of IT at DeiTy has the powers to seek “Traffic Information” failing which there could be 3 years imprisonment to the Intermediary’s CEO and executives.

This power should not be reserved for handling only political requirements but should be extended to the members of the Public.

To extend its scope,

Government should designate a number of persons all over India to act as “Nodal Officers” who can receive public requests and send properly structured requests to Intermediaries so that they may revel the information sought without affecting their commitment to Privacy.

Implementation of this suggestion  does not require any change of law or even the rules but a simple administrative instruction. Hence there should be no excuse in implementing this suggestion unless “Providing the Sense of Security to Netizen Citizens of India is not the priority of the Government of India”.

In the meantime  Mr T.K.Vishwanathan Committee on ITA 2008 amendment can also take note to declare that “Hiding identity of IP addresses which are used for misuse” is considered as an abetment to Spamming and punishable. The committee can suggest separate rules though I feel that the existing rules under Section 69B itself is sufficient to bring in this change.

The effect of this change would be that most Cyber Crime complaints will first land with these Nodal officers who can acknowledge the receipt of the complaint and forward it to the Police for their records to meet the CrPc requirements. These nodal agencies can issue “IP resolution Requests” to Google and other e-mail service providers as part of the law enforcement authorities. They can then send requests to the ISPs and obtain the details of the end user network. They can also send further request to the network owners to identify the ultimate user of the device from which the abusive mail was sent or a domain was registered.

This three step identification process will provide the identity of the perpetrator of the crime to the victim and he can there after take action either to formally approach the Police or a Court for Civil remedies.

In many cases the complainant may decide not to pursue the case or pursue it only for Civil remedies. The Police will therefore be out of such complaints.

As regards the procedure for requesting the Nodal officer, the key is that complaint should be allowed only by an identified complainant ..such as with Aadhaar ID and a digitally signed (or e-signed) request. As long as the complainant is declaring that “He is feeling that his Privacy or Security is being adversely affected by the act of the sender of the message”, there is no need for any other reason to refuse the request.

This should be handled like an RTI query through a web form (enabled for e-sign) and automatically acted upon so that IP resolution happens in real time.

There could be a general declaration that the complainant accepts that he shall be punishable if he fakes his identity or the reason for seeking the information.

I request that the Central Government takes this suggestion seriously and implement  some or all of the above suggestions to bring relief both to the Cyber Crime Police Stations and to the Public.

I also wish that organizations such as Center for Internet and Society or the media houses such as “Republic” should undertake a study on the “Satisfaction Level of Public in India on Cyber Crime Policing” in India and provide some feedback to the Government on whether Cyber Crime Policing could improve with such measures.

If “Digitization of India” is an election issue, “Efficient Cyber Crime handling” is also an election issue and hence the media houses need to flag this in their election surveys at least in the urban areas.

Any suggestions are welcome. I wish all right thinking persons should join this debate.

Naavi

Eminent lawyers of the country seem to have taken up a fight against Social Media for enabling “abusive content”.

According to the news reports, they are demanding that Supreme Court should consider “Regulation of Social Media”.

However, we need to point out that Supreme Court should not be diverted from the core issue into getting into regulating social media though this would make a good media copy.

Some time back when Supreme Court scrapped Section 66A of ITA 2000, Naavi.org was a lone dissenting voice stating in no unclear terms that Supreme Court was wrong.The advocates who are now crying hoarse against Social Media had words of great praise for scrapping of Section 66A. (Refer articles here).

Our opposition to Section 66A scrapping was that it was a wrong medicine for the problem which was the wrongful arrest of citizens for innocuous social media activities. The decision was faulty since Section 66A was not meant for addressing abusive posts on Twitter and Facebook but was wrongly blamed. As a result, Cyber Bullying, Cyber Stalking, Harassment through E-Mails, SMS, Spamming and Phishing all went  out of the regulation under Section 66A.

Under the guise of protecting the “Freedom of Speech”, the Supreme Court in this Shreya Singhal judgement gave a “License to Abuse”. What we are observing today has the origin in the perception that “Section 66A was scrapped by Supreme Court because social media abuse was considered as a part of the fundamental right to freedom of speech”.

It is therefore amusing that the same eminent lawyers and the Supreme Court as well as the conventional media are now converging on an attempt to gag the Social Media under some pretext.

If Supreme Court withdraws its Shreya Singhal judgement and reinstates Section 66A, it would be one of the best and easy solutions to reverse the perception.

It must be reiterated here that the arrests of innocent citizens under Section 66A which led to the decision  of scrapping the section was born out of a mis-interpretation of the Police that the section was applicable to “Publishing” in the social media such as FaceBook and the Twitter. The Courts at all levels failed to call the mistake and took to grandstanding as “Champions of Freedom of Speech” and scrapped the section.

Now it appears that the Eminent Jurists are again creating a situation that may lead to another bad decision as regards Social Media.

In the present instance, abuses on Social media can be addressed (in the absence of Section 66A) through relevant sections of IPC provided the electronic evidence is properly presented with Section 65B certification. Hence there is legal protection against misuse of the Social Media except for procedural issues that may require attention. If Section 66A is reinstated, situation would improve substantially.

However, the root problem of Social Media use for abuse is not that there is a freedom to publish anything including irresponsible content but the fact that it can be done “Anonymously”. The same eminent jurists and the Supreme Court are responsible for creating a false impression in the society that “Privacy is protected by hiding one’s identity in social media communications”.

Again, it is not the issue whether “Privacy” is an important fundamental right and needs to be protected or not… but whether the current manner in which we are protecting Privacy through enabling “Anonymity” is the right way to protect Privacy.

All Twitter and Facebook abuses as well as WhatsApp misuse can be stopped if in case of misuse the persons responsible can be identified easily and simply named and shamed. But we are not prepared to do it because we feel “Privacy” right is being curtailed by making the identity of Social Media users hard to get at except with an FIR or Court direction.

We track the location of users of Computers and Mobiles to the last meter to display restaurants around us or for hailing a cab, but we are not prepared to track the location of the social media abusers.

The Twitter and Facebook IDs are dependent on the e-mail IDs of the owners and its use pattern. Similarly, website IDs are dependent on domain name registrations which again are linked to e-mail IDs.

Hence behind most of the issues that we face today and call Cyber Crimes or Social Media abuses, there is a hidden e-mail ID. If Google happens to the biggest e-mail provider, then it is the reason for most of these crimes being encouraged and abetted by the false sense of Privacy protection that the society is now supporting.

I have recently raised a query with Google why it should not take the mandatory consent of the recipients of Gmail to automatically know the originating IP address of the sender. If as a part of the Gmail setting, I declare that all incoming emails should be accepted only if the originating IP address is revealed to the recipients, Google can put in a system where the senders would be notified that their email will be delivered to the destination address only if they permit revealing the originating IP address to the addressee.

This is a simple technical correction which the Supreme Court can mandate if they are really concerned about the social media abuse.

In a similar manner, the dynamic IP address of the ISP or the owner of a mobile  should also be automatically revealed at the request of a recipient of an e-mail or SMS or Call for which ISPs can put in a system where by the request is made by an identified citizen of India (say under his Aadhaar identity) and a declaration that he is in receipt of an e-mail or mobile communication from the person whose identity is being sought and a further assurance that if his request is on false grounds, he may be prosecuted for “Breach of Privacy under false pretensions”.

This is also a simple technical correction which the Supreme Court can mandate if they are really concerned about Social Media abuse.

I therefore call upon the honourable Chief Justice of India, Mr Dipak Sharma and responsible advocates mike Mr Harish Salve that they should consider these suggestions.

I request readers who re rightly connected, to pass on this request to Mr Harish Salve and Justice Dipak Mishra since they are unlikely to be otherwise informed about the “Solutions” and would be bogged down with the “Problems”.

Naavi