Successive Governments in India launched technology driven initiatives like National E-Governance Plan (NEGP), Digital India (DI), etc from time to time. Both NEGP and Digital India are very ambitious and crucial projects for making India a technology giant and world leader in technology goods and services. Just like all projects, NEGP and Digital India are also facing certain challenges and limitations. Nevertheless, they deserve to be continued with adequate Cyber Security, Civil Liberties Protection, Data Security and Data Protection, Privacy Safeguards, etc.
In this trend Perry4Law Organisation (P4LO) is confining itself to the projected trends of Digital Payments and Cashless Economy that may emerge in India in 2017. We would cover Cyber Security and related issues in detail in other trends and development documents.
(1) Demonetisation: The Digital Payments and Cashless Economy Trends 2017 are greatly influenced by the “Demonetisation” exercise that was undertaken by Narendra Modi Government in November 2016. The expression Demonetisation has been used here not in its “Legal Sense” but “Popular Sense”, as is commonly used by public at large. Further, without going into the “Constitutionality” or “Legality” of Demonetisation, it is clear that Government intends to use this opportunity to encourage Digital Payments. We at Perry4Law Organisation (P4LO) believe that Cashless Economy is an “Over Ambitious” and “Unachievable” goal and we must focus upon “Less Cash Economy” instead.
At the same time, “Public Inconvenience” and “Hardships” must be eliminated as much as possible and as soon as possible by Central Government as more than one month has already elapsed.
The idea should be “Long Term Benefits” and not “Long Term Hardships” arising out of Demonetisation. Clearly, the Inconvenience and Hardships are moving away from “Temporary’ to “Long Term” and this is a dangerous scenario to be ignored and continued by Central Government. Even from the perspective of GDP, this is not healthy for our Economy in the long run.
(2) Cyber Law: Information Technology Act, 2000 needs a complete rejuvenation as much has changed since it was formulated in 2000. The idea of stuffing everything into a single law is really bad and we need “Dedicated Laws” for different aspects of Cyber Law, Cyber Security, Cyber Crimes Investigation, Cyber Forensics, E-Discovery, etc. Digital Payments would also require dedicated norms and regulations for proper usage and implementation. The present regulatory regime in this regard is grossly deficient and it cannot accommodate Digital Payments, Online Banking, Payments Banks, Fintech Entrepreneurship, etc.
(3) Cyber Security: Cyber Security is a big “Pain Point” in implementation of NEGP, Digital India, Digital Payments, Cashless Economy, etc. As predicted in Cyber Security Trends of India 2016, the Cyber Security Infrastructure of India remained poor in India in 2016. In the absence of any “Constructive Action” regarding Cyber Security by Central Government in 2016, Cyber Security may remain “Weak” in 2017 as well. More detailed Cyber Security Trends of India 2017 would be provided by Perry4Law Organisation (P4LO) very soon.
(4) Cyber Security Norms: India has no dedicated Cyber Security Law and this is a serious limitation. This also means that as a Nation, we have failed to understand not only about Cyber Security but also about its possible damages. We cannot draft a suitable and robust Cyber Security Law of India till we first understand the “basics” of Cyber Security. Then we must understand the “technicalities” of Cyber Security keeping in mind the International nature of Cyberspace. It would be futile to pretend that India has a strong Cyber Security Infrastructure when the opposite is the reality. We urgently need dedicated Cyber Security Law and norms for India for successful NEGP, Digital India and Digital Payments.
(5) Cyber Breaches Disclosure Norms: A major reason for poor Cyber Security adoption in India is because there is no “Implementable Legal Obligation” against Companies and Organisations to report serious “Cyber Security Breaches” to Central Government. In India, nobody bothers to report about Cyber Security Incidences and Breaches to Government and Government is unable to ascertain the damage. This is a dangerous situation for Digital Payments and Cashless Economy that Indian is dreaming to be. Imagine a situation where you have been using an “Insecure” Credit Card, Debit Card, E-Wallet or Online Banking Application and neither the Central Government nor the end customer is aware of the same. When the Cyber Breach occurs, you are at the receiving end as there is no “Effective Mechanism” to make Banks, Payment Banks, E-Wallets Service Providers, etc liable for your financial losses.
Central Government cannot formulate effective Cyber Security Policies if it is not aware what is happening on the front of Cyber Attacks and Cyberspace. Perry4Law Organisation (P4LO) requests all stakeholders to “Voluntarily” ensure Cyber Security Breach Disclosure to Central Government, CERT-IN or any other Authority specified by Central Government. This would also help in strengthening of Cyber Security of Digital Payments and making them more “Trustworthy”.
Wherever possible, Perry4Law Organisation (P4LO) would also extend its services “free of cost” to such Companies and Organisations that intend to improve the Cyber Security Infrastructure of India. We would also help them to report the Cyber Security Breaches to “Appropriate Authority” with full “Confidentiality”, as specified by Indian Laws.
(6) Enhanced Role Of RBI: Reserve Bank of India (RBI) has to play a “Pro Active” role to ensure Cyber Security of Banks, Payments Banks, Digital Payments, E-Wallets, Mobile Banking, Online Banking, etc. Mere formulation of “Guidelines” is not enough but RBI must actually implement them as well. Till now this is not happening and Indian Citizens are apprehensive about using Digital Payments. Indians are also not sure whom to approach and how to get their money back if there is a Cyber Crime or Cyber Fraud that has misappropriated their hard earned money. RBI is sitting over these issues and it needs to act fast in this regard in 2017.
(7) Aadhaar: Central Government is pushing usage of Aadhaar too much even if the Supreme Court of India has said that Aadhaar is “Not Mandatory”. Not only forcing Aadhaar is “Unconstitutional” but it also amount to “Contempt of Court” that Central Government and State Government are presently committing. Aadhaar is a “Very Risky Technology” to use, especially for “Online Transactions” and “Biometric Authentications”. In fact, Aadhaar should have been used for “Very Limited” areas only. But the “Omnipresent” nature and use of Aadhaar has put Biometrics and Digital Identities of Indian population at great risk.
Naturally, Aadhaar Enabled Payment System (AEPS) is also suffering from the shortcomings of lack of Cyber Security, Data Security, Privacy Protection and Biometric Security. Once the Biometrics of an individual is gone, there is no looking back. You can change the password of your e-mail account or debit card, but you cannot change your Biometrics and your Digital Identity is gone forever.
(8) Privacy Law: We have no dedicated Privacy Law in India and there is little hope that we would get one in 2017. This is because the Central Government has challenges the “Constitutional Status” of Privacy as a “Fundamental Right” in the Supreme Court of India. And the Supreme Court is sitting over the Privacy issue for long and considering the speed of Supreme Court, it may take another decade before Privacy Right would be adjudicated upon by Supreme Court. Lack of Privacy and Cyber Security is a big concern before people would shift to Digital Payments. If you have no Privacy, Data Security and Cyber Security while using Digital Payments, you would not use it for long and on a permanent basis. The good old cash would come to your rescue in such cases that also has a “low transaction cost” as compared to Digital Payments.
(9) Digital Payments Authority: The year 2017 may see establishment of a Digital Payments Authority by the Central Government. Perry4Law Organisation (P4LO) welcomes such a move on the part of Central Government with a “rider” that Civil Liberties, Cyber Security and Data Security issues must be respected and worked upon by any such future Digital Payments Authority of India.
(10) Skills And Capacity Development: The year 2017 may also witness an increased focus upon skills and capacity developments in terms of Software, Hardware, Cyber Crimes Investigation, Cyber Security Courses and Trainings, etc. Perry4Law Organisation (P4LO) recommends that special focus must be made by Central Government for developing “Indigenous Capabilities” in the fields of Software, Hardware, etc. All Digital Payments Applications and Software must be thoroughly tested by Central Government before using them on mass scale. Fintech Entrepreneurs must also be encouraged to innovate and use “Disruptive Technologies” that can help in achieving the Digital India and Digital payments goals. These Entrepreneurs may be supported with financial aids and grants by Central Government.
Perry4Law Organisation (P4LO) recommends that while supporting Entrepreneurs, there must not be any “Discrimination” between Aadhaar based and non Aadhaar based innovations and technologies. Central Government must adopt a “Technology Neutral” approach with open mind instead of trying to impose and infiltrate Aadhaar into everything.
We hope these Digital Payments and Cashless Economy Trends 2017 of Perry4Law Organisation (P4LO) would be helpful to all stakeholders and Central Government and State Governments would find them useful.