Mobiles and Internet are fast becoming part of Indian culture and day to day lifestyle. More and more people are connecting to the digital highway on daily basis and after some time a massive population would be using digital technologies for their daily chores. While this would bring many advantages and services for Indian population yet this would also raise many techno legal issues as well. As on date we have no techno legal framework to manage such issues. Even the Digital India project of India is heading towards rough waters due to its shortcomings and limitations.
Indian government’s choice for mobile governance is well understood but India is still not ready for mobile governance. The cyber security trends in India 2015 by Perry4Law Organisation (P4LO) have proved that India needs sound and robust mobile cyber security to survive the explosion of mobile usage in India. As on date Pakistan’s mobile communications security is much better than Indian mobile security.
It is equally important that the cyber security policy of India 2015 must be urgently formulated by Indian government. The National Cyber Security Policy of India 2013 (NCSP 2013) is a very weak policy document that cannot be relied upon for India’s growing cyber security requirements. A dedicated Telecom Security Policy of India is also required to manage telecom security related issues in India. Such telecom security policy must also address the unconstitutional e-surveillance issues that are rampant in India as on date. India has no dedicated privacy and data protection (PDF) laws as on date and this would create civil liberties issues in the near future.
The Telecom Security Directorate of India and National Telecom Network Security Coordination Board (NTNSCB) of India were also proposed by Indian government in the past but their actual constitution and working is still doubtful. It was also suggested that mobile service providers of India shall use Indian made SIM cards only. Cyber security awareness brochures in India were also mooted by Indian government in the past but its actual implementation is still missing. It was also mandated that Internet telephony and VOIP service providers must establish servers in India. The Intelligence Bureau (IB) of India has also expedited the testing of VOIP interception system in India.
It is obvious that telecom security related norms in India are more breached that complied with. Even the norms for import of telecom equipments in India have not been implemented in India. Huawei and ZTE are already facing telecom security related issues in India. Huawei was also accused of breaching national security of India by hacking base station controller in AP. India government is also using unconstitutional and illegal Central Monitoring System (CMS) for telephone tapping in India. In fact, Vodafone has confirmed that India has been using “Secret Wires” in the telecom infrastructure to indulge in e-surveillance. Indian Department of Telecommunications suppressed the whole incidence with a mere assurance of “investigation” that never made public so far.
We at Perry4Law Organisation (P4LO) recommend that a techno legal telecom security policy of India must be urgently formulated by Indian government. The same must include concerns arising out of areas like cyber law, cyber security, digital evidence, etc. We hope Indian government would do the needful in this regard as soon as possible.