Perry4Law Organisation (P4LO) Celebrates And Supports The First Constitution Day Of India 2015

Praveen Dalal-Managing Partner Of Perry4Law And CEO Of PTLBConstitution of India is the supreme document of India that governs the Constitutional issues including the governance and functioning of Executive, Parliament and Judiciary of India. Constitution of India is the bulkiest document of its type in the world. It carries many Articles and Schedules that are not easy to understand.

Perry4Law Organisation (P4LO) has been dicussing various issues of Indian Constitution from time to time. This is more so regarding Civil Liberties, Human Rights and Fundamental Rights subjects that are very near and dear to our hearts.

P4LO is also on the forefront of celebrating the “Constitution Day of India” from the very begining. For instance, P4LO has decided to celebrate the First Constitution Day of India on 26th November 2015 in a very novel and desirable manner. We have officially launched the Virtual Law Campus (VLC) in India that covers many techno legal fields like Constitution of India, Cyber Law, Cyber Security, Cyber Forensics, Civil Laws, Criminal Laws, etc.

Dedicated websites in this regard would be made operational very soon and few of these websites can be accessed here1, here2 and here3. Two dedicated blogs have also be launched in this regard and the same can be accessed at blog1 and blog2. This is in addition to the already existing initiative titled Virtual Legal Education Campus (VLEC) of India.

Since Constitution of India is organic in nature, P4LO has also introduced the modern concepts of Laws to Indian Constitution. We have dedicated mnay Techno Legal Blogs that are covering the Techno Legal issues of Indian Constitution. When the Constitution of India was drafted, Information and Communication Technology (ICT) was not in use. Hence, ICT related issues were not incorporated into the Indian Constitution. At P4LO we are working in the direction of making the provisions of Indian Constitution in conformity with ICT and Techno Legal requirements.

We have already suggested that Indian Government must formulate a Techno Legal Framework for India as Indian Cyberspace is suffering from many threats and deficiencies. For instance, Indian Constitution must also suitably accomodate contemporary topics like Cyber Law, Cyber Security, Cyber Forensics, E-Discovery, E-Courts, Online Dispute Resolution (ODR), etc.

Similarly, Indian Government must also work in the direction of strengthening of Online Education and Skills Development in India. We have taken a small but significant step in these directions by establishing the first ever Virtual Law Campus (VLC) of India and world wide. The VLC would cover many Techno Legal Skills Development fields including Techno Legal issues of Indian Constitution.

We hope the Indian Government would find our initiatives in general and VLC in particular helpful in furthering the Preambulary Intents and Constitutional Philosophy.

Posted in Uncategorized | Leave a comment

Global Techno Legal News And Views By Perry4Law Organisation (P4LO)

Global Techno Legal News And Views By Perry4Law Organisation (P4LO)Merging of technology and law raises interesting techno legal issues that are not easy to handle. There are very few organisations or individuals that can manage techno legal issues in India and world wide. Perry4Law Organisation (P4LO) is one such organisation that handles unique and qualitative techno legal services in fields like cyber law, cyber security, cyber forensics, e-discovery, etc. One such initiative is known as Global Techno Legal News and Views.

Some of the interesting post of the blog are:

(1) Non Mandatory Aadhaar: The matter pertaining to legality and constitutionality of Aadhaar project is pending before the Supreme Court of India. The Central Government has been maintaining that Aadhaar is not mandatory but for all practical purposes it has been made mandatory by Indian Government.

(2) Digital India: Digital India project of India is an ambitious but troublesome initiative as it is suffering from numerous shortcomings. This is the reason that the Digital India project is heading towards rough waters. In fact, Digital India is the biggest digital panopticon of India so far. There is an urgent need to make it legal and constitutional.

(3) Carbanak Malware: The notorious malware Carbanak was instrumental in stealing about a Billion US Dollars from financial institutions worldwide. Vskimmer Trojan, capable of stealing credit card information from Windows systems, was already in circulation. Similarly, the Malware Dump Memory Grabber was also targeting POS systems and ATMs of major U.S. banks. These malware were creating havoc in India and international levels.

(4) Censorship By Twitter: In an unexpected move, Twitter has been censoring tweets relating to topics like Aadhaar, Digital India, etc. Till the time of writing of this post, Twitter is still censoring topics like Aadhaar, Digital India, etc.

(5) Hardware Spyware: Kaspersky has revealed that intelligence agencies have been using hardware based stealth spyware. These hard drives are manufactured by Western Digital, Seagate, Toshiba and other top manufacturers, thereby making their use a potential cyber hazard.

(6) FBI Search Warrants: Recently a proposal was made to expand the search warrant powers of FBI. Google opposed the same and openly conveyed its dissent for the proposed US Justice Department proposal to expand federal powers to search and seize digital data, warning that the changes would open the door to US “government hacking of any facility” in the world.

(7) Lenovo Adware: Lenovo has been accused of pre installing Adware in laptops thereby compromising their security. Users have complained that a programme called Superfish pre-installed by Lenovo on consumer laptops was “Adware”, or software that automatically displays adverts.

(8) Microsoft Cloud Computing: It has been reported that Microsoft has adopted a new standard for cloud privacy that commits the company to protect the privacy of customers’ data, not to use it for advertisement purposes, and to inform the customer of legal requests for personal data. Google along with other companies has been fighting against e-surveillance activities of U.S. agencies.

(9) Mobile Communications Security: Intercept has recently published an article describing that U.S. and British spies hacked into the internal network of Gemalto in 2010 that is one of the largest manufacturers of SIM cards in the world. They stole the encryption keys used to protect the privacy of mobile cellular communications across the globe. These spies mined the private communications of Gemalto engineers and employees in multiple countries, including India. However, the most interesting revelation comes in the form that GCHQ could not intercept keys used by mobile operators in Pakistan, even though Pakistan is a priority target for Western intelligence agencies. This is because Pakistanis used more secure methods to transfer the encryption keys between the SIM card manufacturers and Pakistani mobile operators.

(10) Lawyers Communications: Recently a British court ruled that the U.S. – U.K. surveillance regime was unlawful for seven years. This means that the regime has also failed to comply with the European convention on human rights. U.K. government is already facing a trial where it has been accused of unlawfully intercepted conversations between lawyers and their clients.

(11) Online Card Games: Some online gaming stakeholders in India have approached the Supreme Court of India to get clarity on the legality of online games like rummy, poker, etc. In response of the same, the Supreme Court asked the opinion of Central Government in this regard but the same has been informally denied by the Central Government. This means that till the time Supreme Court actually says that online rummy, online poker and online card games are legal in India, majority of these gaming stakeholders may be exposing themselves to legal risks and civil and criminal liabilities. Now that the Supreme Court of India has finally refused to decided legality of online poker and online rummy in India, online card games websites may be legally risky if not properly drafted and managed.

(12) Internet Safety Campaign: Indian government has announced that an Internet safety campaign would be started very soon in India. From the media reports it seems that the awareness drive would cover all stakeholders ranging from school level to government departments.

(13) Google Timestamps: In a bizzare manner, Google has manipulated the timestamp of the news titled Digital India, Aadhaar and digital panopticon of India and put the date 27-02-2015 instead of 02-03-2015. This means that news surfers looking for latest news would not get the same and after some time the news would be removed from the relevance search as well. We have also checked the date results and the news was lying on 4th page with other news of 27th February 2015 date. This is a strange behaviour on the part of Google and all such behavioursa of Google are catalogued at the blog titled “Unofficial Websites, News, Blogs And SERPs Censorship By Google“. A mirror of this blog is also available here.

(14) E-Mail Policy: Indian government has been struggling long to formulate and implement the e-mail policy of India. This is important for India as sensitive documents cannot be transferred out of India as per Indian laws like Public Records Act, 1993. Even Delhi High Court is analysing the e-mail policy of India and has shown its displeasure over slow action on the part of Indian government in this regard. It has now been reported that Indian government has decided to ban the use of Gmail or any other private email for official communication across all its organisations, and make it mandatory for them to migrate to email services provided by the National Informatics Centre (NIC).

(15) CISO Of India: In a significant move, the Prime Minister’s Office (PMO) has appointed Dr. Gulshan Rai as the first Chief Information Security Officer (CISO) of India. This would go a long way in ensuring critical infrastructure protection in India (PDF). We also strongly recommend that a revised Cyber Security Policy of India 2015 must be drafted by Modi Government that must address cyber security issues in a more comprehensive and holistic manner. Further, international legal issues of cyber attacks must also be considered well in advance by Indian Government. Perry4Law Organisation (P4LO) has released a research paper on international legal issues of cyber security and cyber attacks and the same can be considered by Indian Government while strengthening Indian cyber security capabilities.

(16) Anti Bullying Committee: Cyber bullying in India is a big nuisance with practically no remedies. However, things would be changed very soon with the issuance of CBSE Guidelines for Prevention of Bullying and Ragging in Schools 9th March 2015, Reg: (D.O. No. 12-19/2012-RMSA-I) (PDF). Due to increasing cases of physical and cyber-bullying of students, Central Board of Secondary Education (CBSE) has directed all its affiliated schools to form an anti-bullying committee. The committee should comprise of vice-principal, a senior teacher, school doctor, counsellor, parent-teacher representative, school management representative, legal representative and peer educators. CBSE also directed the schools to tackle sexual abuses and strictly implement POCSO Act 2012.

(17) Technology Companies Regulations: Dealing with technology and foreign companies is a big challenge for Indian government. Whether it is taxation aspects or applicability of Indian laws to such companies, India has not been able to achieve a success in this regard so far. There is also a lack of legal framework to govern such technology and foreign companies in India as on date. At Perry4Law Organisation (P4LO) and Perry4Law’s Techno Legal Base (PTLB) we have been suggesting techno legal frameworks in this regard from time to time. We at P4LO and PTLB welcome this support of Indian Government and various stakeholders to our suggestions and recommendations from time to time. However, we strongly recommend that we need a comprehensive techno legal framework in this regard especially if we have to make the “Made in India” and “Digital India” projects successful.

(18) Killer USB: A Russian hacker/researcher created a killer USB that can crash the victim system once the modified/hacked USB is plugged into it. The basic idea of the USB drive is quite simple. When we connect it up to the USB port, an inverting DC/DC converter runs and charges capacitors to -110V. When the voltage is reached, the DC/DC is switched off. At the same time, the filed transistor opens. It is used to apply the -110V to signal lines of the USB interface. When the voltage on capacitors increases to -7V, the transistor closes and the DC/DC starts. The loop runs till everything possible is broken down.

(19) Traffic Routing: Networks and systems need to trust each other to make the Internet function in a speedier manner. If one system or service provider falters, the services of other may be hampered. In one such incidence, users around the world were not able to access Google’s service for a short period of time due to a technical glitch. Users were cut off due to the routing leak from Indian broadband Internet provider Hathway. The leak is similar to a 2012 incident caused by an Indonesian ISP, which took Google offline for 30 minutes worldwide.

(20) Grid Security Expert System (GSES): A Grid Security Expert System (GSES) of India has been proposed to be developed by Powergrid. Cyber security of automated power grids of India is need of the hour. It is only after a massive power blackout in 2012 that Indian government has woken up to the dangers of cyber attacks against Indian power sector. GSES would involve installation of knowledge based Supervisory Control and Data Acquisition (SCADA) system, numerical relays and Remote Terminal units upto 132 kV stations and the reliable Optical fibre Ground wire (OPGW) communication system at an estimated cost of around Rupees 1200 crores. The objective of the GSES is implementation of the Automatic Defense mechanism to facilitate reliable and secure grid operation.

(21) Cyber Law Due Diligence: Cyber law due diligence received a major jolt when the Supreme Court of India read down the internet intermediary due diligence requirements. The main problem seems to be reading down of Section 79(3) (b) and Rule 3(4) By Supreme Court in a manner that would be counter productive in the long run. In fact, reading down of Section 79(3) (b) and Rule 3(4) is more problem than solution as the Supreme Court erred in adopting this approach.

(22) SEBI And Cyber Security: It has been reported that SEBI has expanded the ambit of its Technical Advisory Committee (TAC) to include cyber security of the markets. CECSRDI welcomes this move of SEBI and is committed to help it in every possible manner to achieve this benign cyber security objective.

(23) E-Police Station: An e-police station in Delhi would register online FIR for motor vehicle theft cases. The pilot project of the “Motor Vehicle Theft (MVT) Application” is now accessible on mobiles and computers. Presently this facility is available only for police stations in South Delhi and the same will be extended to entire Delhi after sorting out technical glitches and other problems.

(24) Social Media Compliances: Social media websites are not complying with laws of India. India’s struggle against social media websites to fall in line with Indian laws continues even in Narendra Modi’s regime. To make the matter worst we have no social media laws in India or any effective and implementable social media policy of India. Of course, a new framework for use of social media by governmental organisations has been suggested by Indian government in the past but that is of little help in solving the present problem at hand. The real solution, according to Praveen Dalal, is formulation of a techno legal framework that can address the diverse and complicated issues of cyberspace in India. In short, social networking laws in India need clarity and codification.

(25) MPPEB Scam: MPPEB scam has become an investigation nightmare for the law enforcement agencies of India. The credibility and reliability of evidence is in question on the one hand and unresolved cyber forensics issues are on the other hand. Scientific investigation methodology is still to be used in the investigation of MPPEB scam.

(26) IT Subsidiary Of RBI: The Reserve Bank of India (RBI) has showed its commitment to fight against cyber crimes and financial frauds by declaring that an information technology driven subsidiary would be established by it to deal with cyber nuisances. This IT subsidiary of RBI would also deal with cyber security and related issues with a special focus upon banking related technology issues. The IT subsidiary of RBI would also evaluate the technical capabilities of banks that is almost missing as on date.

(27) Privacy Invasive Software: The Supreme Court of India has asked the Indian Government to clarify upon privacy invasive software and mobile applications. Supreme Court of India has taken a serious note of the software and mobile applications that can be used to extract private information from smartphones.

(28) Smart Cities In India: Smart cities in India have been proposed to be established in near future. However, smart cities in India may face cyber security and civil liberties issues that are left unresolved by Indian Government.

(29) Protection Of Good Samaritan: In a welcome move, the Narendra Modi led Government has issued Guidelines on Protection of Good Samaritan While Saving Lives of Road Accident Victims (2015) (PDF). This shows the sensitivity of Indian Government towards the precious lives that can be saved if road accident victims can be taken to hospitals as soon as possible.

We hope our readers would find this post and blog useful.

Posted in Uncategorized | 1 Comment

Law Of Domicile In India

Law Of Domicile In IndiaDomicile of an individual is very significant for deciding his/her marriage, succession, taxation, etc related issues. However, domicile is a complicated subject as it is a mixed question of facts and laws. In fact, there is no set procedure to get a domicile certificate in India as on date. To make the matter worst, there is an acute confusion between a domicle certificate and a residence certificate. Most of the Indian States and their authorities consider a residence certificate as a domicile certificate.

In its popular sense, this synonymous treatment of domicile and residence may be justified. However, in its technical sense, domicile is a conflict of laws principle and it has no role to play while deciding the territorial laws of a nation. In essence, domicile involves existence of more than one sovereign jurisdiction and a corresponding resolution of legal issues by applying the most appropriate law in a given circumstances.

Domicile as a conflict of laws concept identifies a person, in cases having a foreign element, with a territory subject to a single system of law, which is regarded as his personal law. Generally speaking, a person is domiciled in the country in which he is considered to have his permanent home. His domicile is of the whole country, being governed by common rules of law, and not confined to a part of it.

The interesting part about a domicile is that no one can be without a domicile and no one can have two domiciles. This is logical as well as a person domiciled in a particular jurisdiction cannot be domiciled in another foreign territory. For instance, in India a domicile of origin is attributed to every person at birth by operation of law. This domicile is not decided by his place of birth or by the place of residence of his father or mother, but by the domicile of the appropriate parent at the time of his birth, according as he is legitimate or illegitimate.

A person domiciled in a country establishes his legal status for the whole of the country and is subject to one body of law. But in federal countries like the United States, Australia, or Canada, or in a composite State like the United Kingdom, different systems of law may prevail in different regions in respect of certain matters. In such cases, each of the territories governed by a separate system of law is treated, for the purpose of conflict of laws, as a ‘country’, though in public international law or constitutional law it is not a separate sovereign State.

This is not the legal position in India. Though a Union of States, and a federation in that sense, the whole country is governed by a single unified system of law, with a unified system of judicial administration, notwithstanding the constitutional distribution of legislative powers between the Centre and the States. There is no State-wise domicile within the territory of India. A man who is domiciled in India is domiciled in every State in India and identified with a territorial system of legal rules pervading throughout the country. He is ‘domiciled’ in the whole of this country, even though his permanent home may be located in a particular spot within it . Thus, the concept of “domicile” varies from country to country and from jurisdiction to jurisdiction.

It is equally important to understand the difference between the terms domicile and residence. The word “domicile” should not be confused with a simple “residence”. The residence is a physical fact and no volition/intention is needed to establish it. The animus manendi is not an essential requirement of residence, unlike in the case of a domicile of choice. Thus, any period of physical presence, however short, may constitute residence provided it is not transitory, fleeting or casual. The intention is not relevant to prove the physical fact of residence except to the extent of showing that it is not a mere fleeting or transitory existence To insist on an element of volition is to confuse the features of ‘residence’ with those of ‘domicile’. While residence and intention are the two essential elements constituting the ‘domicile of choice’ residence in its own right is a connecting factor in a national legal system for purposes of taxation, jurisdiction, service of summons, voting etc .

The determination of domicile of an individual has a great legal significance. It helps in identifying the personal law by which an individual is governed in respect of various matters such as the essential validity of a marriage, the effect of marriage on the proprietary rights of husband and wife, jurisdiction in divorce and nullity of marriage, illegitimacy, legitimation and adoption and testamentary and intestate succession to moveables. The domicile is the legal relationship between an individual and a territory with a distinctive legal system, which invokes that system as his personal law. India recognises only one domicile, namely, domicile in India by virtue of Artice 5 of the Constitution of India. Further, the concept of ‘domicile’ has no relevance to the applicability of municipal laws, whether made by the Union of India or by the States.

The law of domicile in India can be traced under the Indian Succession Act, 1925. The domicile under the provisions of the Act can be classified under the following categories:

(i) Domicile of origin,

(ii) Domicile of choice, and

(iii) Domicile by operation of law.

(i) Domicile of origin: Every person must have a personal law, and accordingly every one must have a domicile. He receives at birth a domicile of origin, which remains his domicile, wherever he goes, unless and until he acquires a new domicile. The new domicile, acquired subsequently, is generally called a domicile of choice. The domicile of origin is received by operation of law at birth and for acquisition of a domicile of choice one of the necessary conditions is the intention to remain there permanently. The domicile of origin is retained and cannot be divested until the acquisition of the domicile of choice. By merely leaving his country, even permanently, one will not, in the eye of law, lose his domicile until he acquires a new one. This proposition that the domicile of origin is retained until the acquisition of a domicile of choice is well established and does not admit of any exception .

(ii) Domicile of choice: The domicile of origin continues until he acquires a domicile of choice in another country. Upon abandonment of a domicile of choice, he may acquire a new domicile of choice, or his domicile of origin, which remained in abeyance, revives. The burden of proving a change of domicile is on him who asserts it. The domicile of origin is more tenacious. “Its character is more enduring, its hold stronger and less easily shaken off. The burden of proving that a domicile of origin is abandoned is needed much heavier than in the case of a domicile of choice. No domicile of choice can be acquired by entering a country illegally. The domicile of choice is a combination of residence and intention. Residence, which is a physical fact, means bodily presence as an inhabitant. Such residence must be combined with intention to reside permanently or for an unlimited time in a country. It is such intention coupled with residence that acquires him a new domicile. It is immaterial for this purpose that the residence is for a short duration, provided it is coupled with the requisite state of the mind, namely the intention to reside there permanently. If a man intends to return to the land of his birth upon a clearly foreseen and reasonably anticipated contingency, such as, the end of his studies, he lacks the intention required by law. His tastes, habits, conduct, actions, ambitions, health, hopes, and projects are keys to his intention. That place is properly the domicile of a person in which he has voluntarily fixed the habitation of himself and his family, not for a mere special and temporary purpose, but with a present intention of making it his permanent home, unless and until something (which is unexpected or the happening of which is uncertain) shall occur to induce him to adopt some other permanent home.

The only intention required for a proof of a change of domicile is an intention of permanent residence. What is required to be established is that the person who is alleged to have changed his domicile of origin has voluntarily fixed the habitation of himself and his family in, the, new country, not for a mere special or temporary purpose, but with a present intention of making it his permanent home. On the question of domicile at a particular time the course of his conduct and the facts and circumstances before and after that time are relevant.

(c) Domicile by operation of law. (Married women’s domicile): The rules of Private International Law in India are not codified and are scattered in different enactments such as the Civil Procedure Code, the Contract Act, the Indian Succession Act, the Indian Divorce Act, and the Special Marriage Act etc. In addition, some rules have also been evolved by judicial decisions. In matters of status or legal capacity of natural persons, matrimonial disputes, custody of children, adoption, testamentary and intestate succession etc. the problem in this country is complicated by the fact that there exist different personal laws and no uniform rule can be laid down for all citizens. The distinction between matters which concern personal and family affairs and those which concern commercial relationships, civil wrongs etc. is well recognised in other countries and legal systems. The law in the former area tends to be primarily determined and influenced by social, moral and religious considerations, and public policy plays a special and important role in shaping it. Hence, in almost all the countries the jurisdictional, procedural and substantive rules that are applied to disputes arising in this area are significantly different from those applied to claims in other areas. That is as it ought to be. For, no country can afford to sacrifice its internal unity, stability and tranquility for the sake of uniformity of rules and comity of nations which considerations are important and appropriate to facilitate international trade, commerce, industry, communication, transport, exchange of services, technology, manpower etc. This glaring Tact of national life has been recognised both by the Hague Convention of 1968 on the Recognition of Divorce and Legal Separations as well as by the Judgments Convention of the European Community of the same year. Article 10 of the Hague Convention expressly provides that the contracting States may refuse to recognise a divorce or legal separation if such recognition is manifestly incompatible with their public policy. The Judgments Convention of the European Community expressly excludes from its scope (a) status or legal capacity of natural persons, (b) rights in property arising out of a matrimonial relationship, (c) wills and succession, (d) social security, and (e) bankruptcy. A separate convention was contemplated for the last of the subjects.

The judicial interpretation of the concept of domicile in India is very clear. In Dr.Pradeep Jain v U.O.I the Supreme Court observed: “The entire country is taken as one nation with one citizenship and every effort of the Constitution makers is directed towards emphasizing, maintaining and preserving the unity and integrity of the nation. Now if India is one nation and there is only one citizenship, namely, citizenship of India, and every citizen has a right to move freely throughout the territory of India and to reside and settle in any part of India, irrespective of the place where he is born or the language which he speaks or the religion which he professes and he is guaranteed freedom of trade, commerce and intercourse throughout the territory of India and is entitled to equality before the law and equal protection of the law with other citizens in every part of the territory of India, it is difficult to see how a citizen having his permanent home in Tamil Nadu or speaking Tamil language can be regarded as an outsider in Uttar Pradesh or a citizen having his permanent home in Maharashtra or speaking Marathi language be regarded as an outsider in Karnataka. He must be held entitled to the same rights as a citizen having his permanent home in Uttar Pradesh or Karnataka, as the case may be. To regard him as an outsider would be to deny him his constitutional rights and to derecognise the essential unity and integrity of the country by treating it as if it were a mere conglomeration of independent States”.

In Dr.Yogesh Bhardwaj v State of U.P the Supreme Court observed: “Domicile’, being a private international law concept, is inapposite to the relevant provisions, having no foreign element, i.e., having no contact with any system of law other than Indian, unless that expression is understood in a less technical sense. An expression, which has acquired a special and technical connotation, and developed as a rule of choice or connecting factor amongst the competing diverse legal systems as to the choice of law or forum, is, when employed out of context, in situations having no contact with any foreign system of law, apt to cloud the intended import of the statutory instrument.

In Mr. Louis De Raedt v U.O.I the Supreme Court observed: “For the acquisition of a domicile of choice, it must be shown that the person concerned had a certain State of mind, the animus manendi. If he claims that he acquired a new domicile at a particular time, he must prove that he had formed the intention of making his permanent home in the country of residence and of continuing to reside there permanently. Residence alone, unaccompanied by this state of mind, is insufficient. The burden to prove that the petitioners had an intention to stay permanently in India lies on them. The fundamental right of the foreigner is confined to Article 21 for life and liberty and does not include the right to reside and settle in this country, as mentioned in Article 19(1)(e), which is applicable only to the citizens of this country. The power of the Government in India to expel foreigners is absolute and unlimited and there is no provision in the Constitution fettering this discretion. The legal position on this aspect is not uniform in all the countries but so far the law that operates in India is concerned, the Executive Government has unrestricted right to expel a foreigner”.

In Y. Narasimha Rao V Y. Venkata Lakshmi the Supreme Court observed: “As pointed out above, the present decree dissolving the marriage passed by the foreign court is without jurisdiction according to the Act as neither the marriage was celebrated nor the parties last resided together nor the respondent resided within the jurisdiction of that court. The decree is also passed on a ground that is not available under the Act, which is applicable to the marriage. What is further, the decree has been obtained by appellant 1 by stating that he was the resident of the Missouri State when the record shows that he was only a bird of passage there and was ordinarily a resident of the State of Louisiana. He had, if at all, only technically satisfied the requirement of residence of 90 days with the only purpose of obtaining the divorce. He was neither domiciled in that State nor had he an intention to make it his home. He had also no substantial connection with the forum”.

The law of domicile in India is crystal clear and is free from any ambiguities. However, there seems to be an ignorance of the concept in its true perspective in India among various States and their authorities. We at Perry4Law Organisation (P4LO) beleive that there is an urgent need to spread “public awareness” in this regard. Further, it would be a good startegy to formulate the domicile Policy of India by Central Government as soon as possible. We hope the Central Government would come up with the Indian Domicile Policy very soon.

Posted in Uncategorized | Leave a comment

Aarushi Murder Case Reflects Poor Cyber Forensics Usage By CBI And Defence Lawyers

Aarushi Murder Case Reflects Poor Cyber Forensics Usage By CBI And Defence LawyersVery few murder cases are as sensational and complex as is the Aarushi murder case. There are many loose ends and infirmities in the investigation of Aarushi murder case by the Central Bureau of Investigation (CBI). Although CBI claims to have successfully cracked the case yet public opinion in this regard is sharply divided. The aim of this article is not to discuss all the pros and cons of the decision of the lower court but a very specific aspect that has been ignored by CBI and even by the defense lawyers/lower court to a great extent. This aspect pertains to inadequate and improper usage of digital evidence and cyber forensics best practices by the CBI while conducting investigation and prosecution of the parents of Aarushi for her murder.

As per the cyber forensics trends and developments in India 2014, till now cyber forensics is not widely and appropriately used by the law enforcement agencies, lawyers, judges, etc in India. As a result most of the cyber criminals are either not prosecuted at all or they are acquitted in the absence of adequate evidence. Similarly, the truth of a crime can be revealed by using proper cyber forensics methodologies but the same is not possible till our law enforcement agencies use proper cyber forensics methods.

Another related issue is that the defense lawyers are also not pressing hard to use cyber forensics principles while defending their clients. If the defense lawyers produce convincing and admissible digital evidences based upon sound cyber forensics practices, the courts would be bound to accept the same. This would also force the public prosecutors and law enforcement agencies like CBI to strengthen their own cyber forensics and cyber crimes investigation capabilities.

In short, handling of digital evidence is a big challenge for the law enforcement agencies of India and lawyers/courts. We have already witnessed that cyber forensics issues have troubled our law enforcement agencies in Aarushi Talwar’s murder case, IPL Match Fixing case, Bitcoins websites investigation, Nokia’s tax violation case, Rajnath Singh Son’s case, Amrita Rai’s G-Mail account hacking case, etc. Indian government must seriously consider empowering law enforcement agencies of India with suitable trainings and technologies.

In the Aarushi murder case, CBI failed to use cyber forensics methodologies and digital evidence to prove the guilt of the accused beyond reasonable doubts. It is very important to maintain a “chain of custody” and “proper documentation” of the acquisition of such digital evidence and investigation authorities must ensure that the evidence acquired by them is “admissible” in a court of law.

Unfortunately, the lawyers of the convicted parents seem to have ignored the digital evidence that, if proved successfully, could easily lead to their acquittal. The same should be pressed before the High Court before it is too late. When stakes are high it is not a good strategy to ignore and exclude crucial areas that can strengthen a lawyer’s case.

At Perry4Law Organisation (P4LO) we believe that in the present times many scams, crimes and contraventions can be effectively solved using cyber forensics methods. Even the recent MPPEB/ Vyapam scam has raised interesting cyber forensics issues. Indian law enforcement agencies, lawyers and courts must understand the importance of the “forensically sound image” of the hard disk/digital media in question by using the bit by bit image method. Similarly, the strength and capabilities of cyber forensics laboratories operating in India must also increase and enhanced.

As far as Aarushi murder case is concerned, the same reflects a poor cyber forensics usage by CBI and defense lawyers and proper use of the same by either side may result in tilting of the case in its favour before the higher courts.

Posted in Uncategorized | Leave a comment

Telecom Security Policy Of India Is Urgently Needed

Telecom Security Policy Of India Is Urgently NeededMobiles and Internet are fast becoming part of Indian culture and day to day lifestyle. More and more people are connecting to the digital highway on daily basis and after some time a massive population would be using digital technologies for their daily chores. While this would bring many advantages and services for Indian population yet this would also raise many techno legal issues as well. As on date we have no techno legal framework to manage such issues. Even the Digital India project of India is heading towards rough waters due to its shortcomings and limitations.

Indian government’s choice for mobile governance is well understood but India is still not ready for mobile governance. The cyber security trends in India 2015 by Perry4Law Organisation (P4LO) have proved that India needs sound and robust mobile cyber security to survive the explosion of mobile usage in India. As on date Pakistan’s mobile communications security is much better than Indian mobile security.

It is equally important that the cyber security policy of India 2015 must be urgently formulated by Indian government. The National Cyber Security Policy of India 2013 (NCSP 2013) is a very weak policy document that cannot be relied upon for India’s growing cyber security requirements. A dedicated Telecom Security Policy of India is also required to manage telecom security related issues in India. Such telecom security policy must also address the unconstitutional e-surveillance issues that are rampant in India as on date. India has no dedicated privacy and data protection (PDF) laws as on date and this would create civil liberties issues in the near future.

The Telecom Security Directorate of India and National Telecom Network Security Coordination Board (NTNSCB) of India were also proposed by Indian government in the past but their actual constitution and working is still doubtful. It was also suggested that mobile service providers of India shall use Indian made SIM cards only. Cyber security awareness brochures in India were also mooted by Indian government in the past but its actual implementation is still missing. It was also mandated that Internet telephony and VOIP service providers must establish servers in India. The Intelligence Bureau (IB) of India has also expedited the testing of VOIP interception system in India.

It is obvious that telecom security related norms in India are more breached that complied with. Even the norms for import of telecom equipments in India have not been implemented in India. Huawei and ZTE are already facing telecom security related issues in India. Huawei was also accused of breaching national security of India by hacking base station controller in AP. India government is also using unconstitutional and illegal Central Monitoring System (CMS) for telephone tapping in India. In fact, Vodafone has confirmed that India has been using “Secret Wires” in the telecom infrastructure to indulge in e-surveillance. Indian Department of Telecommunications suppressed the whole incidence with a mere assurance of “investigation” that never made public so far.

We at Perry4Law Organisation (P4LO) recommend that a techno legal telecom security policy of India must be urgently formulated by Indian government. The same must include concerns arising out of areas like cyber law, cyber security, digital evidence, etc. We hope Indian government would do the needful in this regard as soon as possible.

Posted in Uncategorized | Leave a comment

Cyber Forensics Developments In India 2014

Praveen Dalal-Managing Partner Of Perry4Law And CEO Of PTLBPerry4Law Organisation (P4LO) and Cyber Forensics Research Centre of India (CFRCI) have already provided the Cyber Forensics Trends and Developments in India 2013 (PDF) and Cyber Forensics Trends and Developments in India 2014- Part I. In this work, P4LO and CFRCI would be discussing the Cyber Forensics Development of India 2014.

Indian Cyber Forensics Developments 2014 are as follows:

(1) Cyber Capabilities: The need to develop Cyber Crimes and Cyber Forensics Capabilities of India was felt in the year 2013 and the same continued in the year 2014 as well. However, both Cyber Crimes Investigations in India and Cyber Forensics Capabilities were not up to the mark in 2014. Nevertheless, it was felt by various stakeholders that Cyber Crime Investigation Trainings in India is urgently needed. Indian Government has also reiterated that a Cyber Crimes Prevention Strategy of India may be formulated very soon.

(2) Cyber Forensics Best Practices: P4LO and CFRCI recommended formulation of Cyber Forensics Best Practices in India in 2014. We also recommended formulation of dedicated Laws for Cyber Forensics in India. However, “Legislative Deficiencies” remained intact in 2014 as far as Cyber Forensics in concerned.

(3) E-Discovery: E-Discovery in India is another area that espoused interest among various stakeholders. However, E-Discovery Legal Issues in India are still missing till the end of 2014. Both Cyber Forensics and E-Discovery deserve separate and dedicated Laws that must be enacted in the year 2015.

(4) Police Modernisation: Modernisation of Police Force of India was on “Priority List” of Indian Government. Delhi Police has taken many significant technology oriented steps to ensure easy “Public Access” of Delhi Police’s Services to Delhi’s Citizens. Similarly, many States of India are in the process of establishing Online Systems where First Information Reports (FIRs) can be filed and accessed through Internet. Training of Police Officers of different States was also undertaken on a “Regular Basis” throughout the India in 2014 and the same would be continued in the year 2015 as well.

(5) Social Media: Investigation of Social Media Websites in India was a “Major Challenge” before Indian Government in the year 2014. Social Networking Law for India has always been a controversial topic. Even the Congress Government was in favour of having a Law for Social Media in India. The Home Ministry of India also expressed its intention to take legal actions against those posting “Objectionable Contents” on Social Media Websites and having adverse impact upon Indian Society or Law and Order.

We hope our readers and various stakeholders would find this Second Part of the Cyber Forensics Developments in India 2014 useful.

Posted in Uncategorized | Leave a comment

Prospective Cyber Security Trends In India 2015

Praveen Dalal-Managing Partner Of Perry4Law And CEO Of PTLBPerry4Law Organisation (P4LO) has already provided the cyber security trends and developments of India 2013 (PDF) and Cyber Security Trends and Developments in India 2014. In this work, P4LO and Perry4Law’s Techno Legal Base (PTLB) would be discussing the prospective Cyber Security Trends in India in 2015.

According to the research and analysis of Centre of Excellence for Cyber Security Research and Development in India (CECSRDI) managed by P4LO and PTLB, in the year 2015 we may face the following cyber security challenges in India:

(1) International Legal Issues: The international legal issues of cyber attacks and cyber security would significantly increase in the year 2015. In the absence of a universally acceptable International Cyber Security Treaty (PDF), the power tussle over Cyber Security Technology in forums like Wassenaar Arrangement would continue in the year 2015 as well. The Conflict of Laws in Cyberspace would further complicate the scenario and more reliance upon Mutual Legal Assistance Treaty (MLAT) would be there.

(2) State Sponsored Cyber Attacks: The state sponsored cyber attacks would also increase in the year 2015. This would include agencies and actors working on behalf of a state that is launching the cyber attack. Countries around the world are building cyber armies for this purpose and this trend may finally be a battleground for preventive defense and cyber counterstrike.

(3) Increased Malware: Malware like Stuxnet, Duqu, Flame, Uroburos/Snake, Blackshades, FinFisher, Gameover Zeus (GOZ), etc would further increase in the year 2015. India needs to develop offensive and defensive cyber security capabilities to tackle these malware. Cyber security breaches are increasing world over and India must be “cyber prepared” to deal with the same. The cyber security challenges before the Narendra Modi Government are not easy to manage and Indian Cyberspace must be protected on a “priority basis”.

(4) Cyber Espionage: Cyber espionage activities would also increase in the year 2015. The participating stakeholders in this regard would be state and big corporations that would try to steal sensitive information of their adversaries’ thorough stealth and sophisticated cyber attacks and malware.

(5) Cloud Computing: Use of cloud computing in India would be encouraged but it would not be used to the maximum possible extent due to regulatory issues. Further, privacy and data protection (PDF) issues would also reduce use of cloud computing in India in 2015. The Cyber Law Developments of India 2014 have also reflected this position.

(6) Mobile Security: Ensuring mobile security would be a tough task for Indian Government and various stakeholders in the year 2015. Indian Government is adopting mobile governance for various purposes. However, mobile cyber security in India and e-governance cyber security in India must also be kept in mind while relying upon mobile governance in India.

(7) Critical Infrastructures: Critical infrastructure protection is a big challenge for Countries around the world. Critical Infrastructure Protection in India (PDF) would be required in the year 2015 as India has launched projects like Digital India and Internet of Things (IoT) (PDF). Indian Government needs to work hard in this regard.

We hope our readers would find the prospective Cyber Security Trends of India 2015 useful.

Posted in Uncategorized | 9 Comments

Cyber Law Developments In India 2014

Praveen Dalal-Managing Partner Of Perry4Law And CEO Of PTLBPerry4Law Organisation (P4LO) has already covered the cyber law trends and developments in India 2013 (PDF). In this work, P4LO is discussing the cyber law developments of India 2014.

P4LO is managing a techno legal Cyber Crimes Investigation Centre of India (CCICI) that is providing unique cyber crimes related investigation, training and legal services. As per CCICI and P4LO, the cyber law trends and developments of India 2014 are as follows:

(1) Cyber Law Of India: The Information Technology Act, 2000 (IT Act 2000) still governs the cyber law of India and related issues. IT Act 2000 has become an outdated and draconian law that needs to be repealed. The telegraph and cyber law of India remained outdated, colonial and draconian in the year 2014 as well.

India must ensure techno legal measures to regulate Indian cyberspace. Similarly, regulations and guidelines for effective investigation of cyber crimes in India is also need of the hour. The Indian Government has assured in the year 2014 that the IT Act 2000 could be amended to accommodate e-commerce concerns.

(2) Cyber Crimes Prevention Strategy: Cyber crimes have significantly increased in India in the year 2014. Reacting to the same, Indian Government has now decided to formulate a cyber crimes prevention strategy for India. However, till the end of December 2014, the proposed strategy has not been formulated.

(3) Cyber Crimes Investigation Training: with increased cyber crimes in India, a need was felt to provide cyber crimes investigation training to law enforcement agencies of India. We at P4LO and CCICI believe that India needs to enhance cyber crimes investigation capabilities so that cyber crimes can be effectively tackled. Similarly, modernisation of police force of India is urgently needed with a special focus upon techno legal skills development for them.

(4) Encryption Laws: Almost three years back the Standing Committee on Information Technology pulled Department of Telecommunication (DOT) over encryption issues. However, dedicated encryption laws in India remained missing in the year 2014 as well. The encryption laws and regulations in India need clarity. Legal risks for websites development companies in India would also increase due to improper use of encryption for such websites. A dedicated encryption policy of India (PDF) and techno legal encryption law in India is need of the hour.

(5) International ATM Heist: Recently, the RAKBANK and Bank of Muscat Oman became victims of international ATM heist. The hacking prompted authorities in the US and Europe to launch an international manhunt. Authorities made arrests soon after in Germany and the US, and most of the money was recovered. The Computer Emergency Response Team (CERT) of India has even started investigation in this international ATM heist case as it has Indian connections as well. The Karnataka police have speeded up their investigation into the international ATM heist case and it has been investigating the possible involvement of Enstage software’s staff in this regard.

(6) Corporate Scam Investigations: Although the Indian Companies Act, 2013 (PDF) has been formulated to curb corporate frauds yet a dedicated fraudulent MLM regulations is need of the hour. The powers of Serious Fraud Investigation Office (SFIO) were also enhanced so that they can effectively deal with corporate frauds and crimes in India. SEBI has also notified the Securities and Exchange Board of India (Procedure for Search and Seizure) Regulations, 2014 (PDF). The Economic Offences Wing (EOW) of the Mumbai Police has also speed up Rs 425 Crore QNet Scam Investigation.

(7) Cyber Insurance: Cyber insurance in India has become a reality in the year 2014 and many companies and individuals have started taking cyber insurance policies in India. However, the business of cyber insurance would raise many novel techno legal issues in this regard that all stakeholders must be well prepared to deal with.

(8) Cloud Computing: The cloud computing legal issues in India are still not clear and this has resulted in limited adoption of cloud computing in India in the year 2014. The cloud computing legal and regulatory requirements in India for businesses and entrepreneurs must be analysed in advance before launching a project. Cloud computing service providers in India are Internet intermediary within the meaning of IT Act, 2000 and they are also required to comply with cyber law due diligence requirements (PDF).

(9) E-Mail Policy: The e-mail policy of India has still not been implemented despite strict warnings by Delhi High Court. So bad is the situation that the Delhi High Court has accused central government of sitting over e-mail policy of India. The Delhi High Court has also directed Central Government to issue notification regarding electronic signature under Information Technology Act 2000. The encryption policy of India is also missing till date though it is need of the hour. However, Madhya Pradesh has given legal recognition to e-mail communications among Government Departments.

(10) Online Payments: Online and mobile payments witnessed an increase in India in the year 2014. However, legal and regulatory issues were not taken seriously by various mobile payment providers in India in 2014. There are many legal issues of e-commerce in India that various online payment service providers of India must comply with. P4LO has already specified the cyber law due diligence requirements for Paypal and online payment transferors in India. Similarly, we have also outlined the e-commerce and online business legal compliances for online payment market of India. Further, payment gateway and POS terminal services providers must also keep in mind the cyber law due diligence requirements in India.

(11) Online Gambling In India: Online gambling laws in India remained in a state of suspension in the year 2014. Online gambling in India is still punishable in almost all of the cases with few selective exceptions. The matter is pending before the Supreme Court of India and it has referred the matter for the opinion of Central Government. However, the Central Government has not given a conclusive opinion on this issue so far and the matter has been postponed for hearing in the month of January 2015.

(12) Illegal Online Pharmacies: Illegal online pharmacies operating from India were in news throughout the year 2014. Maharashtra FDA has even requested the Central Government to formulate policy regarding online pharmacies operating in India. Many online pharmacies websites in India are controlled by underworld and organised criminal networks. Illegal online pharmacies are on hit list of Google and Federal Authorities of United States.

There are many legal requirements that online pharmacies operating in India are required to comply with. However, most of the online pharmacies operating in India are not following these laws and regulations. As a result they are incurring and exposing themselves to various forms of legal risks.

(13) Websites Blocking In India: Websites blocking in India was another development that resulted in many protests as well. For instance, Tamil website Savukku was ordered to be blocked by Madras High Court. However, immediately after the blocking of the Savukku website, it became available through proxy servers making the blocking redundant. In the year 2013, the Indian Government blocked 39 Internet sites on ground of pornography. The Supreme Court of India also sought the response of Indian Government in this regard in 2013. However, Indian Internet Service Providers (ISPs) told the Supreme Court that they cannot block pornographic websites unilaterally and voluntarily.

(14) Bitcoins: The legality of bitcoins in India was a major questioning the year 2014. The Enforcement Directorate (ED) searched and raided few Bitcoin exchanges to see whether they were violating Indian laws or not.  ED believed that Bitcoins can be used for criminal activities including money laundering, hawala transactions and funding of terrorist activities. Indian Laxmicoin had even sought clarifications from regulatory authorities of India before its launch. We at P4LO and CCICI believe that Bitcoin Exchanges operating in India must comply with Indian Laws to be legal and safe. Cyber attacks also targeted Bitcoin users and Bitcoin Exchanges in the year 2014. According to some reports, Bitcoin website Mt. Gox’s disappeared due to sophisticated cyber attacks and stealing of Bitcoins.

(15) Mobile Applications: Mobile applications also saw a tremendous increase in India in 2014. However, most of the mobile application developers are violating Indian Laws and may be prosecuted in future.

P4LO and CCICI hope that our readers and various stakeholders would find this cyber law development in India 2014 research work useful.

Posted in Uncategorized | 5 Comments

Telecom Related Trends And Development In India 2014

Praveen Dalal-Managing Partner Of Perry4Law And CEO Of PTLBPerry4Law Organisation (P4LO) has been providing various techno legal trends of India since 2006. The present work is discussing the telecom related trends and developments as happened in India in the year 2014. The same has been drafted by P4LO and its premier techno legal segment known as Perry4Law’s Techno Legal Base (PTLB).

The telecom related trends and developments in India 2014 are as follows:

(1) Telecom Security Policy: The telecom policy of India 2012 was announced by the Indian government but there is no reference of a dedicated telecom security policy of India. There are many unconstitutional e-surveillance issues that future telecom security policy of India must address.

(2) National Security Policy: There is no dedicated national security policy of India till now that can comprehensively cover national security issues. We at P4LO and PTLB believe that telecom security and cyber security should be integral part of the national security policy. We also believe that the national security policy of India must be techno legal in nature.

(3) Satellite Mobile Services: The Telecom Commission of India has taken a positive and technology friendly decision regarding satellite based mobile services in India. The Telecom Commission has allowed satellite based mobile services in India in the year 2014.

(4) E-Surveillance In India: The year 2014 witnessed a poor civil liberties protection regime in India. Telecom giant Vodafone confirmed existence of secret wires for government e-surveillance and eavesdropping worldwide, including in India. Indian Department of Telecommunications (DoT) promised to investigate govt snooping allegations of Vodafone but it failed to do so till the end of December 2014. The dangerous central monitoring system (CMS) of India was also activated without any legal framework and Parliamentary oversight.

(5) Cyber Security Threats Disclosures: The National Security Council Secretariat (NSCS) requested Reliance Jio Infocomm to share potential cyber security threats on its telecom networks. Indian Government has also hinted upon introducing cyber security disclosure norms in India but the same have not been introduced till the end of December 2014.

(6) Redundant Telecom Laws: The telegraph and cyber law of India remained outdated, colonial and draconian in the year 2014. Similarly, encryption related dedicated laws in India are also missing till the end of December 2014.

(7) VOIP Issues: VOIP related issues kept on surfacing in the year 2014. Indian intelligence agencies showed great interest in forcing the Internet and VOIP service providers operating in India to establish their servers in India. The intelligence agencies of India also expedited the testing of VOIP interception system in India. An illegal international racket using unauthorised gateways to divert the VOIP calls landing in India was also busted by law enforcement agencies of India.

(8) Law Enforcement Technologies: Intelligence agencies and law enforcement technologies were widely adopted and used in India in the year 2014. P4LO has discussed about these technologies at its forums. Nevertheless, techno legal modernisation of police force of India is need of the hour.

(9) Lawful Interception: India is one of the countries where phone tapping is possible without any court order/warrant. This is a serious civil liberty violation that continued in the year 2014. A lawful and constitutional interception law in India is urgently needed. Privacy rights in India in the information era (PDF) have still not been recognised by Indian Government.

(10) Cell Phone Laws: There is a dearth of laws regarding cell phones and their dealings in India and the same continued till the end of December 2014 as well. In particular, the cell site data location laws in India and privacy issues are still not redressed by Indian Government so far.

We hope our readers would find this telecom trend useful. We would share more telecom related articles and opinion on our telecom blog from time to time.

Posted in Uncategorized | 1 Comment

Cyber Security Trends And Developments In India 2014

Praveen Dalal-Managing Partner Of Perry4Law And CEO Of PTLBPerry4Law Organisation (P4LO) has been providing various techno legal trends of India since 2006. The present work is discussing the cyber security trends and developments as happened in India in the year 2014. Our readers can access the cyber security trends and developments of India 2013 (PDF) as well in this regard.

The Centre of Excellence for Cyber Security Research and Development in India (CECSRDI) has been discussing about techno legal issues of Indian and global cyber security for long. Latest updates on cyber security are available through CECSRDI Twitter account of P4LO. You may also be interested in this comprehensive coverage about Indian cyber security by INSIGHTS.

As per CECSRDI and P4LO, the cyber security trends and developments of India 2014 are as follows:

(1) Policy And Legal Framework: The year 2014 again witnessed a missed opportunity for India to formulate proper policies and laws regarding cyber security of India. For instance, neither the proposed National Cyber Security Policy of India 2013 (NCSP-2013) nor the Information Technology Act, 2000 is sufficient and adequate to cater the legal framework requirements of Indian cyber security scenario. Similarly, cyber security breaches disclosure norms of India are also missing till date. We at P4LO believe that the cyber security law of India is urgently needed.

(2) NCCC Of India: The proposed National Cyber Coordination Centre (NCCC) Of India is still to be established in India till the end of December 2014. As per the latest news, the National Cyber Security and Coordination Centre (NCSC) of India is still under consideration.

(3) Bitcoins Exchanges: The Bitcoin exchanges were very frequently targeted by cyber criminals in the year 2014. In many cases these cyber attacks proved successful as well and many Bitcoin exchanges were forced to shut down due to such cyber attacks.

(4) E-Commerce Websites: Many e-commerce websites were successfully targeted and breached by cyber criminals and data of their users was compromised. This has also raised the question whether these e-commerce websites have failed to observe cyber law due diligence (PDF) and cyber security due diligence while conducing their businesses. In fact, three U.S. States are investigating EBay’s cyber security standards and cyber security breach disclosure practices. The cyber breaches in India would raise complicated cyber law issues in the near future.

(5) Director’s Cyber Security Obligations: The Indian Companies Act, 2013 has significantly increased the cyber security obligations of directors of various companies. However, the true significance and effect of the same is yet to be appreciated by the directors. Law firms’ cyber security obligations are also increasing world over, including India.

(6) Tri Service Cyber Command: A tri service cyber command for armed forces of India has been suggested by Indian Government once again. In May 2013 a similar declaration was made by the then Government. However, it is not clear whether such tri service cyber command has been established in India or nor as on date.

(7) Crisis Management Plan: The cyber crisis management plan of India has been declared in the past but its actual implementation is still missing. As a result we have no implementable crisis management plan of India for cyber attacks and cyber terrorism and this leave our critical infrastructures vulnerable to diverse and sophisticated cyber attacks.

(8) Critical Infrastructure Protection: Protection of critical infrastructures connected to information and communication technology (ICT) is a real challenge. Internet is full of unprotected SCADA systems that can be manipulated and exploited by cyber criminals. Critical Infrastructure Protection in India (PDF) is still at the infancy stage. In a surprise event, Huawei was accused of breaching national security of India by hacking base station controller in AP. Recently, it was declared that NTRO would protect the critical ICT infrastructures of India. India is also contemplating setting up of dedicated units for specific areas governing critical infrastructures.

(9) Cyber Security Capabilities: The cyber security capabilities of India are still trying to cover the ambitious projects of Indian Government. Projects like Digital India and Internet of Things (IoT) (PDF) would require robust cyber security capabilities on the part of India. India is considered to be a sitting duck in the cyberspace and civil liberties protection regime. The offensive and defensive cyber security capabilities of India are also not impressive. The Cyber Security Challenges in India would further increase in future and India must have a sound offensive and defensive cyber security capability.

(10) Rise Of Malware: Malware like Stuxnet, Duqu, Flame, Uroburos/Snake, Blackshades, FinFisher, Gameover Zeus (GOZ), etc have exposed India to sophisticated cyber attacks and malware infections. Cyber security breaches are increasing world over and India must be “cyber prepared” to deal with the same. The cyber security challenges before the Narendra Modi Government are not easy to manage and Indian Cyberspace must be protected on a “priority basis”.

(11) International Legal Issues Of Cyber Attacks: The international legal issues of cyber attacks have started gaining importance in the year 2014. Countries around the world have realised that international cooperation (PDF) in the field of cyber security is a must to deal with cross border cyber crimes and cyber attacks. Therefore, an international cyber security treaty is required (PDF). In the absence of such globally acceptable cyber security treaty, the conflict of laws in cyberspace would continue to make the things difficult. Cyberspace has also put forward complex problems of authorship attribution for cyber attacks and anonymity. Cyberspace also gives rise to conflict of laws in cyberspace where multiple laws of different jurisdictions may be applicable at the same time. Even the mutual legal assistance treaties (MLATs) are not helpful in every case of cyber attack and cyber breach. India recently opposed the proposal to include cyber security technologies under the Wassenaar Arrangement.

(12) Priority Areas: Some of the areas where India must ensure robust cyber security include banking industry, thermal power sector, satellites, etc. Indian insurance sector showed interest in cyber insurance in the year 2014 and this is a good sign for both the insurance companies and the insured individuals and entities. Recently, the National Security Council (NSC) proposed three pronged cyber security action plan for India. However, India still has to cover along road before it would consider itself to be even moderately cyber secure.

There are many more techno legal issues of Indian cyber security that cannot be discussed in a single trend. P4LO and CECSRDI would discuss the same from time to time at appropriate platforms and websites.

Overall the cyber security initiatives of India fell well short of a reasonable effort in this regard. Indian Government has to invest in cyber security skills development on the one hand and improving the cyber security capability on the other hand. We hope the year 2015 would be more positive via-a-vis cyber security in India.

Posted in Uncategorized | 5 Comments