Donald Trump the Republican nominee for US president this year says “There will be no prosperity without Law and Order”. This was said in the context of the American physical space where Crime and Terrorism has created a situation where protection of the US citizens has become the prime election plank for US presidency. But what he said in the context of the US physical space is also a timely reminder for Cyber Space watchers in India or more so to the Cyber Space regulators of India.
Time and again we have highlighted the need to ensure “Security” before we take a technology leap particularly when the users are uneducated and un-initiated to a security culture. However, the Ministry of IT has not moved fast enough and decisively enough to take such steps as are necessary to mitigate the Cyber Crime risks in the country.
It is possible that Government may not accept this criticism and say that they are taking many steps in the background for which the public is not privy. I hope it is true and security issue is being addressed in all our Digital India projects including the FinTech revolution in the financial sector, Tele Medicine projects, E Governance projects, Smart City projects , Smart Grid projects, Big Data projects etc.
But if we look at some of the publicly visible aspects such as E Banking Security, Lack of Government interest in Cyber Insurance, Continued apathy to re-activation of the Cyber Appellate Tribunal, Non Correction of the flawed Adjudication System of Cyber Justice, Scrapping of Section 66A which remains unchallenged, it appears that the list of what needs to be done urgently seems to be growing.
Not all of this can be blamed on the Modi Government since atleast on the Cyber Appellate issue and Section 66A, the role of Supreme Court is evident. But the Government has not decisively taken steps to fight it out with the Supreme Court to make necessary corrections.
As regards the financial sector, very recently, RBI has taken some bold new initiatives and demanded action from Banks on the security front with deadlines. A Cyber Security Framework has been suggested and Bank’s acknowledgement on its implementation has been asked before July 31st. If this is pursued, there should be improvement in the E-Banking security. But will the new Governor takes steps to push the Banks beyond issue of circulars is to be watched.
The FinTech Companies are changing the financial landscape in the country and are also eroding the role of the regulated Banks in shaping the future of e-finance industry. These being private sector companies, their profit motive is at a level higher than the commercial Banks and the possibility of a trade off between security and profits is high. There is therefore a need to keep a strict watch on the activities of FinTech Companies and ensure that the regulation works.
If however, the Government is committed to “Free Enterprise” and “Placing Faith in Private Sector” and liberalize the financial sector, then there is a need for the Government to simultaneously take steps to protect the Citizens from the vagaries of Cyber Crimes. Citizens cannot be left to fend for themselves and used as sacrificial lambs to promote Digital India.
I therefore advocate immediate steps for the Government of India to take namely,
- Call a meeting with the CJI and finalize the appointment of the Chair person of Cyber Appellate Tribunal immediately without the larger issues such as NJAC becoming a stumbling block.
- Improve the system of “Adjudication” under Section 46 of ITA 2000/8, by setting up a separate “Adjudication Bench” in each State and Union Territory which should consist of one member of the Judiciary trained in Cyber Crimes to be the Adjudicator and supported by a technically qualified Co-Adjudicator who could be a Government official like the IT Secretary or even a Non Governmental person.
- Both the Adjudication system and Cyber Appellate Tribunal should be mobile and sit in any location outside their head quarters as often as required and also use video conferences to reduce the cost of the process and make it more user friendly.
- Introduce a strict policy in Banks that they should not pursue the policy of litigation on Customers for Cyber Crime related issues unless there is evidence that the customer is involved in the fraud and ensure that the NPA recognition norms are suitably altered to ensure that Banks try to hide cyber crime frauds under “Pending litigation”.
- Introduce a “Limited Liability” policy in terms of cyber crimes related to ATM cards, Credit Cards, Phishing, Mobile Wallets etc where the customer’s loss should be limited to not more than 10% of the amount lost so that where he opts for immediate settlement, the complaint may be closed at this 10% cap without any litigation with the customer while the Bank may continue its efforts to recover the full money lost against the alleged fraudster.
- Introduce mandatory Cyber Insurance for Mobile Wallet users across the country upto a nominal amount of Rs 5000/- per month and subject to an annual limit of Rs 10000/- (The limits are suggestive) with strict penalization for fraudulent claims through the re-invigorated Adjudication system.
- Section 66A of ITA 2008 which not only provided security against Cyber Stalking and Cyber Bullying but also on Spamming and Phishing should be re-introduced immediately if possible with a simple review of the earlier decision by a larger Supreme Court bench introducing whatever clarifications that Supreme Court wants on Free Speech..
I request Mr Ravishankar Prasad, the honourable Minsiter of Law and IT to immediately take steps to initiate these suggestions and where there is financial implications such as Cyber Insurance and Banking liability, I request Mr Arun Jaitely as the honourable Finance Minister to step in with his support.
If such measures are not taken at the earliest, I foresee that political opponents of Mr Modi will hire hackers to hack into Cyber Assets of the country, inflict loss on the public and hold Mr Modi responsible in the same way some allegedly thought of hiring Ishrat Jehan and Taliban forces to assassinate him.
This is a prophesy which I donot want to become true but urge the Government not to neglect.
Mr Donald Trump has rightly identified that unless terrorism is eliminated by a policy which is different from the current “Politically Correct” approach, there will be no prosperity for the community. Similarly, in Digital India, prosperity will not be possible if the Government does not take corrective steps and slips into complacency that Technology is fascinating and nothing will go wrong.