Cyber terrorism is becoming India’s biggest concern and today if one looks at the laws in place, it is clear that our approach has been more reactive than preventive. Now the government of India has proposed to bring about a law that would make it mandatory for internet firms and inter mediatories to provide real time information to security agencies in a bid to prevent a cyber strike by terrorists.
Indian agencies have often been caught off guard in the lead up to a terror strike as they do not have access to real time information about what is happening on the web space. Had Indian security agencies been given this information a lot of terror strikes could have been prevented. As the agencies point out that the crux of the problem begins with the internet and all the planning these days are taking place on the web space. The use of mobile technology which was extremely high a couple of years back has taken a back seat thanks to better mechanism in place which tracks conversations with much ease.
The Intelligence Bureau has suggested that it needs to have access to real time information pertaining to terrorism cases. The planning can be tracked with much ease and our response could be preventive when compared to reactive, the Intelligence Bureau feels. The case of David Headley is a very good example to show why India would need real time information regarding terror suspects. Today the NIA can only seek for further information about what has already happened. While this would help from the prosecution point of view, the fact of the matter is that damage had already been done. Had India had access to real time information from service providers or internet firms, they could have possibly prevented a huge attack such as 26/11.
While India studies the pros and cons of bringing about such a law, Cyber security expert Pavan Duggal explains the following. This proposal is emerging out of the need to tackle issues concerning national security in real time. Traditionally our approach has been more reactive in nature. It is only once an incident takes place that we investigate. By seeking real time data the government wants to be on par with pro effective efforts to stop or prevent on national security. Currently we have the IT Act of 2000 which has been amended in the year 2008. According to the amendment all service providers have been mandated to provide information as and when asked by the government of India. However the scope is not clear in terms of real time data and hence there is a dire need to come up with a new legislation or legal provision which can help the government seek real time data from these service providers of internet firms.
In the recent past, what Indian agencies have found is that the use of the web space has gone up ten fold. Apart from sending out mails to communicate regarding a terror strike, there have also been instances when terrorists have saved messages in their drafts in a bid to dodge being tracked. If the proposed law comes up, then suspects could be placed under the scanner and their activities tracked real time. It however cannot be considered to be a fool proof method, but there would be a fear among such persons that they are being constantly monitored.
For terror organisations it is very important that they go through the initial part of the operation without being noticed. If the proposed law falls in place then it would act as a deterrent to them. The new law which is being considered would not only help agencies track the planning but would also help them keep a check on other activities the most important of them being fund transfer. During a lull, terrorist groups continue to transfer funds and also carry out recruitment activities through the internet. This new law could help prevent such activities as well.
India today is probably very high on the security risk map where cyber terror is concerned. This has even been recognised by the European Union which recently invited India to take part in the cyber security and crime project. This project would require India to take part in a exercise which would involve counter terrorism on the cyber space.
While India would need time to study the pros and cons of such a new law, the biggest challenge would again be in respect to privacy. There is a careful need to study the law before bringing it out in the open. Duggal adds that the only problem would be that this law should have adequate safeguards to prevent a misuse by the government and security agencies. There needs to be a line drawn and the government should not seek real time data on each and every individual. There is a need to balance out the information being sought on suspects and also a need to protect the privacy and civil liberties of the ordinary citizen. There ought to be a proper monitoring committee and a set of guidelines that need to be followed just like in phone tapping cases before a requisition could be made to the internet firm to provide real time information on any person. Only once the committee are convinced should a go ahead be given to seek such information.