Header image alt text


Building a Responsible Cyber Society…Since 1998

Ever since Law entered Cyber space and the term “Cyber Law” was coined, the field of law has been shaken up.

When ITA 2000 (Information Technology Act 2000) was notified and conventional lawyers started reading it they soon encountered right under Section 3, terms such as “Asymmetric Crypto system” and “Hashing”. Immediately it was clear that their years of study of LLB and experience in the Bar was of little relevance in the new emerging world of “Cyber Law”.

At this point of time, a breed of “Cyber Law Specialists” were born who studied ITA 2000 from its birth and had no prior in depth knowledge on Civil or Criminal law. Gradually, many of the “Computer Savvy Lawyers” who could understand some computer terms such as hard disk, memory, hacking, denial of service etc graduated as “Cyber Law Specialists” with different degrees of specialization in civil or criminal law along with an awareness of computer technology.

Simultaneously, pure technology specialists working in the area of “Cyber Forensics” also graduated into a multi discipline specialization by acquiring awareness of ITA 2000 or Cyber Laws.

With this convergence of technology knowledge/specialization with law specialization/awareness was born a new breed of specialists who could describe themselves as “Techno Legal Specialists”.

In the Information Security domain, these specialists became “Techno Legal (TL)  Information Security Specialists”.

Some of these specialists like the undersigned recognized the importance of “Behaviour Science” in Information Security area just like in the case of “Criminology” and added the “Behaviour Science Specialization” to their forte to create a “Techno Legal Behavioural Science Specialization” to be used both for Cyber Criminology and Information Security.

We may recognize these developments as different generations of Cyber Law specializations that are developing not only in India but also elsewhere.

When we look at some of the emerging problems such as Section 65B of Indian Evidence Act and the struggle of the community to handle the Cyber Crimes emanating from the deep web, it is clear that we are still a long way off from mastering the art of “Techno Legal Behavioural Science (TLBS) Specialization” either in the Information Security area or in the Cyber Law area.

Failure to acquire this TLBS specialization in the Information Security domain results in increasing Cyber Crimes, data thefts etc including the Cyber Analytica kind of issues.

Failure to acquire this TLBS specialization in the Cyber Law domain results in increasing cases of bad Judgements such as the Section 66A and Shafhi Mohammad judgement by the Supreme Court of India or the Shapoorji Pallonji case judgement by Mumbai High Court.

Emerging Cyber Law Scenario

While there is a need to continue our work on creating better awareness and better understanding of the TL and TLBS concepts through our education system both in Law Education and in Engineering education and let it percolate through the practicing lawyers to the Judiciary, the environment has moved further with the advent of Artificial Intelligence and Quantum Computing making further changes to the interpretation of Cyber Law principles.

Just as Digital Signature concepts which included Asymmetric Crypto System and Hashing which are mathematical concepts into the domain of Cyber Law, the development of Quantum Computing has now brought “Physics” directly into the domain of Cyber Law.

Now a full rounded Cyber Lawyer needs to not only know law, computer technology and behavioural science, but also Physics.

We must remember that what we were calling as “Computer Technology” so far already incorporated “Physics” because every “Bit” that held the data in a computer device was actually a “Transistor” in miniature form and every processing on a computer happened with “Electronics” in the back end.

But just as “Classical Physics” was disrupted by “Quantum Physics” and the laws of Classical physics including the famous laws of Newton had to be re-written in the Quantum world and even the geniuses like Albert Einstein were proved wrong in parts in the Quantum Physics domain, all the current laws which we codify as “Cyber Laws” may need a complete re-look in the Quantum computing environment.

We must therefore recognize that the next generation of Cyber Law specialization is now here. I will call this the “Quantum Cyber Law Specialization”.

The Quantum Cyber Law (QuCL/QCL) specialists need to not only understand the depths of Law along with “Transistor based Classical Computers” but the emerging “Qubit based Quantum Computers” where the “Qubit” is not a transistor but a Nucleus or an Electron.

Just as the Classical Computer works on a transistor representing a “Bit” which can be either with a charge or no charge representing the binary states of one or zero, the Qubit represents an electron or a nucleus which is spinning either in the clockwise or anti clockwise direction representing the two states Zero or One.

The enigma of Quantum Computing however is the “Principle of Uncertainty” that a spin state of an electron can be one and zero at the same time but collapses into one of the two states at the time of measurement.

The readers of this blog consists mainly of Classical Cyber Law Followers. Some of them may find the concept of Quantum Computing a bundle of scientific fiction. They may have to chose to ignore some of the articles that may appear here on this “Emerging Technology” concepts and focus on improving their understanding of the “Transistor Based classical technology” and how it affects Section 65B etc .

But those crazy technology buffs who would like to explore the computer world of the future, it is necessary to slowly start grasping some of the new concepts to stay relevant in the post 2030 Cyber law world.

The undersigned is also in the process of exploring the Quantum Computing principles and is experimenting with some thoughts not all of which may be considered “Definitive”. Errors and mis-interpretation could be expected since this is considered as a learning process.

Readers may therefore treat some of these articles more as as hypothesis to be tested and tuned. The presented hypothesis may be debunked and improved. by Quantum Cyber Law (QuCL) watchers.

Understanding QuCL requires even more depth of technical knowledge than what is required for understanding Cyber Law as we know today.

Further the technical knowledge required for understanding QuCL would include the knowledge of Quantum Physics and its application to the creation of logic gateways and data store techniques which is more than what most computer science specialists possess in the natural course of their development.

I am yet to find a term to describe this “Multiple Domain Experts who know Computer Technology, Law and Physics”.

Probably they should be called “Techno Legal Physicists” or “Quantum Physics Technology Law Specialists” (QPTLS) and this specialization should be termed as Quantum Physics Techno logy law (QPTL) specialization.

Like many things in the life of Naavi, perhaps Naavi will be the first to describe himself as a Techno Legal Physicist or Quantum Physics Technology Law Specialist  (now in the process of graduation).

Even today, many of the lawyers ask me in a cross examination in a Court  “Where did you get your Cyber Law Degree” to make you an “Expert”. I normally reply that “In 1998 when I started studying Cyber Law and in 2000 when I started Cyber Law College, there was no other university or college which was qualified to give Cyber Law degrees (at least in India) and hence my Cyber Law specialization had to be and is self acquired”.

Similarly, now I have to say that the new specialization of “Techno Legal Physicist” or “Quantum Physics Technology Law Expert”  will have to be a self acquired skill which I will endeavour to acquire through self study.

With this, I have a message to the Cross examining lawyers who try to embarass me on a witness box with questions that I donot have a law degree or a computer science degree and cannot call myself as eligible to give evidence on computer aspects. They must remember that I have a Master’s degree in Physics with a specialization in nuclear physics itself that makes me eligible to talk on law that depends on transistors and quantum mechanics, as an expert.

However, I humbly submit that “Expertise” is a “Relative expression”. Knowledge is so huge that no person can call himself an “Expert”. One can be more an expert than the other in a given niche area and may be a novice at the same time in another aspect.

The description of an “Expert” under Section 45/45A of Indian Evidence Act has to absorb the “Quantum Principle” that a witness may be an “Expert” or a “Novice” at the same time and it is only when his knowledge is measured against a specific question that his “State” will collapse into either “Expert” or “Not an Expert”.

Next time when a cross examining lawyer asks me, “Are you an Expert?” “Do you know technology?” etc., I may answer, “I am an expert or a novice at the same time like a Qubit being in the state of one of zero at the same time. You try to pose a question and I may collapse into either being an expert or not”.

Problem however is that the Judge may immediately say.. Please donot argue with the counsel and put counter questions… answer Yes or No not Both…..

Practicing lawyers specialized with court procedures may kindly advise me what would be the correct answer to the question that witnesses cannot be in quantum state and say “Yes and No” but  have to be always in either “Yes” or “No” state.

In the wonderland of Quantum Cyber Law , a new specialization of Techno Legal Physics needs to be recognized to answer such questions.


Cyber Laws have been in discussion in India since around 1998 when the first draft was published. After the passage of Information Technology Act 2000, the laws came into existence and started affecting every one of our activities on computer including personal activities such as E Mails, Web activities, Mobile phone communication, etc as well as commercial activities such as  E banking, E Commerce, E Governance etc.

However after 20 years since the draft E Commerce Act 1998 was released by the Government of India, our Courts and Police as also the Lawyers are still struggling to understand and interpret the law. We therefore have difficulties in understanding Section 65B certification of electronic evidence, the legal implication of digital and e-sign, understanding certain crimes such as hacking,  the man in the browser attacks, Viruses, Trojans etc.

Indian judicial system however being an adversarial system, is capable of absorbing inadequate understanding and interpretation of law since the responsibility of the judge is to interpret evidence and arguments as presented by the parties. . At higher levels, Judiciary is comfortable with a state of inconsistency so that every judge takes his own decision based on what he understands of the law and leaves it to the higher judicial authority to correct mistakes if required.

This means, Garbage in Garbage out principle is applicable for our Judicial verdicts. This is acceptable to the Judicial system. But should it be also acceptable to the victims of bad judgements?…a point to ponder

In some strange way, being a country where citizens are tolerant of inefficiency and corruption in all affairs of the Government, Police and Judiciary, we simply shrug off a bad decision and move on.

But one thought comes across my mind when we observe some of the latest developments in technology around us.

First is the advent of  Big Data, Data Analytics, IoT, Artificial intelligence etc which are common discussion points today in the IT industry. We have been discussing what happens to the concept of “Privacy” when “Aadhar” is used as an Universal ID as if it is the biggest challenge before humanity. Silently however, Artificial Intelligence and humanoid robots have made their appearance which will create many new challenges to the Cyber Law makers and Cyber Law interpreters.

Some of the challenges in application of Cyber Law to the current technological developments have manifested in the domain of Banking and Finance. The debate on Block Chain technology Bitcoins, etc are issues that have presented the complications that the new technologies may be creating in the economic world. If a simple negligence in technology implementation in Banking such as not linking SWIFT messaging system to the CBS system, and providing access without robust security  in Banks can give raise to frauds worth thousand of crores and destabilize our economy and stock markets, we can imagine what kinds of upheavals may be caused in the society when the new technology developments such as Artifical Intelligence and humanoid robots take over key decision making process in say our Governance and Military operations.

Parellelly the manufacturing industry is also transforming itself into the Industry 4.0 state where Cyber Physical systems take over manufacturing processes with Artificial Intelligence and Data Analytics supporting the back end decision making process. The manufacturing industry is much less Cyber Law aware than the Banking and IT industry and hence the legal implications of frauds as well as the probability of frauds and crimes occurring in the manufacturing sector is much higher than in the Banking and IT industries.

I therefore anticipate a higher level of problems in the Manufacturing industry in India when the IT professionals try to push through “Disruptive Innovations” unmindful of the “Destructive Impact” on the society.

The Information Security focus therefore needs to be re-directed to address the requirements of the manufacturing industry even while we tackle the issues in the IT and Banking/Finance domains.

The fact that even after 20 years of introduction of Cyber Laws in India, our Legal and Judicial system is yet to understand the law and implement it in a consistent manner makes me wonder, how the Cyber law creators and Cyber Law interpreters would react when the new developments such as “Quantum Computing” becomes a reality.

A few month’s back, I remember that one technologist did ask me in a meeting if Indian Cyber Law is ready to face the challenges posed by Quantum Computing. Though I did state that a “Proper Interpretation” of the current laws could help us interpret the laws whether the information is processed in a classic computer system where data is stored in “Binary” language or in Qubits where the data is stored or processed differently, considering the inability of the system to understand even the current system of laws, it appears as if my optimism may perhaps be misplaced.

For those who struggle to interpret an electronic document created as a sequence of binary interpretation of the state of a transistor, it would almost be impossible to even imagine that a “Transistor” will now be replaced by a “Quantum Energy State” which can take the uncertain  value  of one or zero or both. In such a situation if a hacker has manipulated the back end process and generated a fraudulent output, how do we recognize the “Unauthorized Manipulation of data”, “how do we produce forensic evidence of the manipulation” etc will be a challenge that is not easy to solve.

Add to this “Super positioning” prospect in Quantum computing to the “Entanglement” concept where two states of a data holder can be in physically separated but the state of one could be modified by changing the other, the problem becomes more fuzzy.

If nothing else is certain, the quantum increase in the computing powers of the future generation of computers (working as back end systems driven by quantum computing processing) would need a change in our perception of “Probability of a Cryptographic key being broken”. If the current key strengths become unreliable, we may need to re-think on many of the concepts of information security and make corresponding changes in out laws.

Even today, the Criminal Jurisprudence principle that all evidence should be “Proved  beyond Reasonable Doubt” poses huge challenges when applied to Electronic Evidence. In the Quantum computing era, such issues would be even more challenging.

If therefore we want to upgrade our Cyber Laws from the current state of Cyber Law 1.0 to the era of Artificial intelligence which could be Cyber Law 2.0 and subsequently to the era of  Quantum Computing which could be called Cyber Law 3.0, then our Cyber Law makers need to start acting today in understanding the problems that the new technologies will pose to our Judges who are now in the very initial stages of appreciating the current version of Cyber Law.

Will the Government understand the challenge that the emerging technology in Computer software and hardware will pose?… if so…. when? ….is the question that remains unanswered in my mind.

I welcome the view of the readers… if any


Presently lot of discussions are happening in India on “Free Speech” and “Internet Censorship”. In this context I would like the community to be reminded of the case of Zone-H.org which was blocked in India following a defamation case filed under Section 66A by a Hyderabad company called E2 Labs.

The Government of India has been defending its decision to block Zone-H.org behind a decision of the Delhi High Court.

It was a fact that the complaint was filed with a request for an interim order to block the site which was granted in good faith by the Court until the case could be heard in detail. However the system was managed in such a manner that the respondent living abroad received an e-mail notice to appear in the Court with a notice of less than 24 hours. Obviously this was not possible and also that the respondent did not feel necessary to spend his money and time to respond. In the process the interim order remained unchallenged and became permanent. ( The developments have been summarised by Zone-H.org in this article)

During the discussions Naavi.org had brought to the notice of the Government of India that there was a prima facie need for the CERT IN to implede in the case and put across its point of view to the Court since there was an apparent accusation that the petitioner had committed some offences including the misuse of Government department’s name for promotion and fund raising as well as that there was a hacking of Government websites to create grounds for the petitioner to canvass business. These were serious charges which any sensible Government would have pursued. But the Government decided to ignore these charges and indirectly assisted the complainant in getting the Zone-H.org site blocked. Had these facts/accusations been brought to the attention of the Court, it is possible that the Court would not have given the interim order in favour of the petitioner.

Now that a new PIL has come before the Supreme Court in which the Constitutional Validity of Section 66A of ITA 2008 is being questioned, the Zone-H.org case will come for an automatic review.

The Zone-H.org case was perhaps the first case in which Section 66A was invoked for “Defamation” and hence the current PIL and this case are related. Since the respondent (Zone-H.org) is unlikely to raise this issue, it is unclear how the issue can come before the Court now unless the Supreme Court takes a Suo-Moto decision to consider that Zone-H.org blocking case is relevant to the current set of cases such as Aseem Trivedi etc and provide its considered view.

UK Twitter Joke Case on Appeal

Posted by Vijayashankar Na on December 13, 2012
Posted in Cyber Law  | Tagged With: , , , , | No Comments yet, please leave one

Dec 1: Paul Chamber case in UK which has been wrongly quoted some times in India in the Karti Chidambaram case has been referred back to Court in UK. During snowy weather, Doncaster’s Robin Hood airport had closed, threatening to derail Chambers’ plans to fly to Belfast to meet Sarah Tonner, a woman he had met on Twitter.

He tweeted on the publicly accessible feed:

“Crap! Robin Hood airport is closed. You’ve got a week and a bit to get your shit together otherwise I’m blowing the airport sky high!!.”

The Court debated the issue of  “Grossly Offensive” in the judgement.

The Indian case was more on the fact of whether “Tweet” is a “Message” or “Publishing”.

Sec 66A applies to “Messages” while Section 67 applies of “Publishing” and hence this distinction becomes relevant in India. Report


This website has been in existence since 1998.  

Older posts before the site switched to word press are available through the link at the top and here below.