National Cyber Security Policy Of India Has Failed To Protect Privacy Rights In India

PRAVEEN DALAL MANAGING PARTNER OF PERRY4LAW CEO PTLBThe National Cyber Security Policy (NSCP), 2013 has listed many Objectives that Indian Government wishes to pursue to protect the Cyber Security Interests of India. However, from the very beginning the NCSP is facing Implementation Hurdles. The NCSP is also not holistically drafted as it is in active conflict with other Projects and Initiatives of Indian Government.

For instance, consider the example of the Central Monitoring System (CMS) Project of India. The CMS Project has been launched without any Parliamentary Oversight and Legal Framework. The problem has been further aggravated due to absence of Lawful Interception Law and Privacy Laws in India. The net effect of this situation is that Indian Government and its Agencies can do willful e-surveillance and phone tapping without any Parliamentary Oversight and Judicial Scrutiny.

Similarly, the Unconstitutional Aadhaar Project has already been Challenged before various High Courts in India. Aadhaar Project has serious Cyber Security and Data Security Issues that are still unresolved. The truth is that Biometric Collection in India is done in an Illegal and Unconstitutional Manner as on date.

So we have all sorts of private and sensitive personal and biometric information lying openly with Indian Government and its Agencies without any sort of Check and Balances. In these circumstances the claims of Privacy Protection by the NCSP of India have to be judged.

The NCSP claims that it aims at enabling protection of information while in process, handling, storage and transit so as to safeguard privacy of citizen’s data and for reducing economic losses due to cyber crime or data theft. The Policy is silent as to how it would be able to do so. The Policy is also silent as to how it would Balance the Civil Liberty and National Security Requirements while enforcing Indian Cyber Security.

The present Mental Framework of Indian Government as well as the Regulatory Regime of India is “Anti Privacy” and “Anti Civil Liberty” in nature. Despite contrary media claims, the NSCP has maintained this position and Status Quo.

In nutshell, the NCSP of India has failed to protect Privacy Right of Indian Citizens. Rather, accompanied with Projects like CMS, Aadhaar, etc it would be actually violating the same. Let us wait for its actual implementation to see its true effect upon Civil Liberties Protection in Cyberspace.