Cyber Security Of E-Governance Services In India Is Needed

Lock backgroundElectronic governance (e-governance) is a valuable tool in the hands of Indian government to deliver public services in an economic, transparent and accountable manner. Presently there is no dedicated legal framework for e-governance in India.

Similarly, there is no law that can ensure compulsory e-delivery of public services in India. The proposed draft electronic delivery of service bill, 2011 of India is yet to become an applicable law and binding obligation upon central government and state governments.

Naturally, e-governance in India is dying and Indian government has to do a good amount of hard work to keep it alive. There are many hurdles before the successful implementation of e-governance projects in India. However, nothing is more dangerous and more worrisome than implementing the e-governance projects of India without adequate cyber security.

Cyber security of e-governance projects of India is still not contemplated by Indian government. This can be well understood as when even implementation of e-governance is in poor state one cannot expect safe and cyber secure e-governance services in India.

Indian government has recently admitted that it acted very late for drafting the cyber security policy of India 2013. Even the cyber security policy is deficient on many counts. Further, actual implementation of the cyber security policy of India is still to be achieved that would be a mammoth task in the absence of adequate cyber security expertise.

Indian government has been repeating mistakes after mistakes even if it is warned much in advance. For instance, Indian government is adamant on wasting public money on illegal and unconstitutional projects like Aadhaar. After wasting many crores Indian money, it is only now that the Supreme Court of India has declared that Aadhaar card is not mandatory for availing public services in India.

Similarly, Indian government is pushing mobile banking without realising its risks and without ensuring sufficient mobile banking cyber security in India. We do not have any mobile payments cyber security in India as on date. Mobile frauds and online banking frauds have increased tremendously and cyber crime conviction rates in India are almost none. India is not ready for mobile governance as on date and even mobile governance and e-authentication in India needs to be ensured.

Private banks are implementing online banking related projects in India without any cyber law due diligence and proper project appraisal. Recently, the ICICI bank has launched an initiative titled Pockets that allows transfer of funds through a Facebook account. Initiatives like these are not in strict compliance with the cyber and banking laws of India. The ICICI bank’s pockets initiative may be insecure and violative of Indian laws.

Luckily, the Reserve Bank of India has made the security and risk mitigation measures for card present transactions in India enforceable from 1st October, 2013. This has put the onus of secured card transactions upon banks and they cannot fool the victims’ customers in this regard.

Cyber security in India must be improved so that public services can be better delivered through the mode of e-governance and mobile governance. Similarly, cyber security legal practice must be encouraged and developed in India so that cyber crimes and cyber security related breaches can be properly prosecuted.

Indian government is also required to formulate adequate e-governance cyber security policies for India and implement the same in true letter and spirit. Till then relying upon Indian e-governance services, barring few exceptional ones, is a risky proposition and must be avoided.