Header image alt text


Building a Responsible Cyber Society…Since 1998

Cyber Laws have been in discussion in India since around 1998 when the first draft was published. After the passage of Information Technology Act 2000, the laws came into existence and started affecting every one of our activities on computer including personal activities such as E Mails, Web activities, Mobile phone communication, etc as well as commercial activities such as  E banking, E Commerce, E Governance etc.

However after 20 years since the draft E Commerce Act 1998 was released by the Government of India, our Courts and Police as also the Lawyers are still struggling to understand and interpret the law. We therefore have difficulties in understanding Section 65B certification of electronic evidence, the legal implication of digital and e-sign, understanding certain crimes such as hacking,  the man in the browser attacks, Viruses, Trojans etc.

Indian judicial system however being an adversarial system, is capable of absorbing inadequate understanding and interpretation of law since the responsibility of the judge is to interpret evidence and arguments as presented by the parties. . At higher levels, Judiciary is comfortable with a state of inconsistency so that every judge takes his own decision based on what he understands of the law and leaves it to the higher judicial authority to correct mistakes if required.

This means, Garbage in Garbage out principle is applicable for our Judicial verdicts. This is acceptable to the Judicial system. But should it be also acceptable to the victims of bad judgements?…a point to ponder

In some strange way, being a country where citizens are tolerant of inefficiency and corruption in all affairs of the Government, Police and Judiciary, we simply shrug off a bad decision and move on.

But one thought comes across my mind when we observe some of the latest developments in technology around us.

First is the advent of  Big Data, Data Analytics, IoT, Artificial intelligence etc which are common discussion points today in the IT industry. We have been discussing what happens to the concept of “Privacy” when “Aadhar” is used as an Universal ID as if it is the biggest challenge before humanity. Silently however, Artificial Intelligence and humanoid robots have made their appearance which will create many new challenges to the Cyber Law makers and Cyber Law interpreters.

Some of the challenges in application of Cyber Law to the current technological developments have manifested in the domain of Banking and Finance. The debate on Block Chain technology Bitcoins, etc are issues that have presented the complications that the new technologies may be creating in the economic world. If a simple negligence in technology implementation in Banking such as not linking SWIFT messaging system to the CBS system, and providing access without robust security  in Banks can give raise to frauds worth thousand of crores and destabilize our economy and stock markets, we can imagine what kinds of upheavals may be caused in the society when the new technology developments such as Artifical Intelligence and humanoid robots take over key decision making process in say our Governance and Military operations.

Parellelly the manufacturing industry is also transforming itself into the Industry 4.0 state where Cyber Physical systems take over manufacturing processes with Artificial Intelligence and Data Analytics supporting the back end decision making process. The manufacturing industry is much less Cyber Law aware than the Banking and IT industry and hence the legal implications of frauds as well as the probability of frauds and crimes occurring in the manufacturing sector is much higher than in the Banking and IT industries.

I therefore anticipate a higher level of problems in the Manufacturing industry in India when the IT professionals try to push through “Disruptive Innovations” unmindful of the “Destructive Impact” on the society.

The Information Security focus therefore needs to be re-directed to address the requirements of the manufacturing industry even while we tackle the issues in the IT and Banking/Finance domains.

The fact that even after 20 years of introduction of Cyber Laws in India, our Legal and Judicial system is yet to understand the law and implement it in a consistent manner makes me wonder, how the Cyber law creators and Cyber Law interpreters would react when the new developments such as “Quantum Computing” becomes a reality.

A few month’s back, I remember that one technologist did ask me in a meeting if Indian Cyber Law is ready to face the challenges posed by Quantum Computing. Though I did state that a “Proper Interpretation” of the current laws could help us interpret the laws whether the information is processed in a classic computer system where data is stored in “Binary” language or in Qubits where the data is stored or processed differently, considering the inability of the system to understand even the current system of laws, it appears as if my optimism may perhaps be misplaced.

For those who struggle to interpret an electronic document created as a sequence of binary interpretation of the state of a transistor, it would almost be impossible to even imagine that a “Transistor” will now be replaced by a “Quantum Energy State” which can take the uncertain  value  of one or zero or both. In such a situation if a hacker has manipulated the back end process and generated a fraudulent output, how do we recognize the “Unauthorized Manipulation of data”, “how do we produce forensic evidence of the manipulation” etc will be a challenge that is not easy to solve.

Add to this “Super positioning” prospect in Quantum computing to the “Entanglement” concept where two states of a data holder can be in physically separated but the state of one could be modified by changing the other, the problem becomes more fuzzy.

If nothing else is certain, the quantum increase in the computing powers of the future generation of computers (working as back end systems driven by quantum computing processing) would need a change in our perception of “Probability of a Cryptographic key being broken”. If the current key strengths become unreliable, we may need to re-think on many of the concepts of information security and make corresponding changes in out laws.

Even today, the Criminal Jurisprudence principle that all evidence should be “Proved  beyond Reasonable Doubt” poses huge challenges when applied to Electronic Evidence. In the Quantum computing era, such issues would be even more challenging.

If therefore we want to upgrade our Cyber Laws from the current state of Cyber Law 1.0 to the era of Artificial intelligence which could be Cyber Law 2.0 and subsequently to the era of  Quantum Computing which could be called Cyber Law 3.0, then our Cyber Law makers need to start acting today in understanding the problems that the new technologies will pose to our Judges who are now in the very initial stages of appreciating the current version of Cyber Law.

Will the Government understand the challenge that the emerging technology in Computer software and hardware will pose?… if so…. when? ….is the question that remains unanswered in my mind.

I welcome the view of the readers… if any


Presently lot of discussions are happening in India on “Free Speech” and “Internet Censorship”. In this context I would like the community to be reminded of the case of Zone-H.org which was blocked in India following a defamation case filed under Section 66A by a Hyderabad company called E2 Labs.

The Government of India has been defending its decision to block Zone-H.org behind a decision of the Delhi High Court.

It was a fact that the complaint was filed with a request for an interim order to block the site which was granted in good faith by the Court until the case could be heard in detail. However the system was managed in such a manner that the respondent living abroad received an e-mail notice to appear in the Court with a notice of less than 24 hours. Obviously this was not possible and also that the respondent did not feel necessary to spend his money and time to respond. In the process the interim order remained unchallenged and became permanent. ( The developments have been summarised by Zone-H.org in this article)

During the discussions Naavi.org had brought to the notice of the Government of India that there was a prima facie need for the CERT IN to implede in the case and put across its point of view to the Court since there was an apparent accusation that the petitioner had committed some offences including the misuse of Government department’s name for promotion and fund raising as well as that there was a hacking of Government websites to create grounds for the petitioner to canvass business. These were serious charges which any sensible Government would have pursued. But the Government decided to ignore these charges and indirectly assisted the complainant in getting the Zone-H.org site blocked. Had these facts/accusations been brought to the attention of the Court, it is possible that the Court would not have given the interim order in favour of the petitioner.

Now that a new PIL has come before the Supreme Court in which the Constitutional Validity of Section 66A of ITA 2008 is being questioned, the Zone-H.org case will come for an automatic review.

The Zone-H.org case was perhaps the first case in which Section 66A was invoked for “Defamation” and hence the current PIL and this case are related. Since the respondent (Zone-H.org) is unlikely to raise this issue, it is unclear how the issue can come before the Court now unless the Supreme Court takes a Suo-Moto decision to consider that Zone-H.org blocking case is relevant to the current set of cases such as Aseem Trivedi etc and provide its considered view.

UK Twitter Joke Case on Appeal

Posted by Vijayashankar Na on December 13, 2012
Posted in Cyber Law  | Tagged With: , , , , | No Comments yet, please leave one

Dec 1: Paul Chamber case in UK which has been wrongly quoted some times in India in the Karti Chidambaram case has been referred back to Court in UK. During snowy weather, Doncaster’s Robin Hood airport had closed, threatening to derail Chambers’ plans to fly to Belfast to meet Sarah Tonner, a woman he had met on Twitter.

He tweeted on the publicly accessible feed:

“Crap! Robin Hood airport is closed. You’ve got a week and a bit to get your shit together otherwise I’m blowing the airport sky high!!.”

The Court debated the issue of  “Grossly Offensive” in the judgement.

The Indian case was more on the fact of whether “Tweet” is a “Message” or “Publishing”.

Sec 66A applies to “Messages” while Section 67 applies of “Publishing” and hence this distinction becomes relevant in India. Report


This website has been in existence since 1998.  

Older posts before the site switched to word press are available through the link at the top and here below.