IntroductOry note :“HUMAN RIGHTS HAVE ALWAYS BEEN NEGLECTED AND BLATANTLY VIOLATED ALL OVER THE WORLD. THESE HUMAN RIGHTS (HR) AND FUNDAMENTAL RIGHTS (FR) HAVE NOW TAKEN AN ALTOGETHER DIFFERENT SHAPE IN THE INFORMATION AND COMMUNICATION TECHNOLOGY (ICT) DRIVEN WORLD. THE NATIONS ARE INCREASINGLY BECOMING “POLICE STATES” AND “ENDEMIC SURVEILLANCE SOCIETIES”.
THE VICES OF ILLEGAL E-SURVEILLANCE, PRIVACY VIOLATIONS, HUMAN RIGHTS VIOLATIONS, FUNDAMENTAL RIGHTS VIOLATIONS, ETC ARE BECOMING COMMON AND WIDELY SPREAD ALL OVER THE WORLD. THIS PLATFORM IS TRYING TO PROVIDE “TECHNO-LEGAL REMEDIES” TO NETIZENS SO THAT THEY MAY PROTECT THEMSELVES FROM THE “OVER ZEALOUS AND OVER CAUTIOUS STATE ACTIONS” THAT ARE BY THEIR VERY NATURE ILLEGAL, UNCONSTITUTIONAL AND INHUMAN.”
Human Rights Protection in Cyberspace is an extension of traditional Human Rights that are available in a real life situation. With the growing use of Information and Communication Technology (ICT) in our day to day affairs, our Human Rights in Cyberspace are frequently violated by Governmental as well as Non-Governmental entities, persons and organisations. The traditional “Welfare States” are now working as “E-Police States” and “Endemic E-Surveillance States”.
The ICT Trends In India 2009 clearly established this position in India. Civil Liberties like Privacy Rights, Right to Speech and Expression, Right to Data Protection, Right against E-Surveillance by State, Right against Internet Censorship by State, Right to Information, etc are in serious jeopardy due to growing and unaccounted governmental intrusions and violations. To safeguard our Human Rights in Cyberspace we need an effective Techno-Legal Framework .
At the same time we also need “Private Defence in Cyberspace ”against an overzealous and over guarded E-Police State. This initiative would act as a “Centre for Protection of Human Rights in Cyberspace” and aims at providing techno-legal framework as well as means and tools to exercise private defence in cyberspace against Governmental and Non Governmental violators and aggressors who violate Human Rights in Cyberspace without“ Proper Authority” and “Constitutional Authority”.
At the same time we would also provide a “Techno-Legal Framework” for Data Protection Law In India, Privacy Rights Protection In India, formulation of Privacy Laws In India, Legal Frameworks for E-Governance in India, Legal Frameworks for E-Commerce in India, Legal Framework for implementation of Projects like Crime and Criminal Tracking Network & Systems (CCTNS) Project (CCTNS Project), National Intelligence Grid (NATGRID), Unique Identification Authority of India (UIDAI), National Counter Terrorism Centre (NCTC) of India, E-Surveillance under the Information Technology Act 2000 (IT Act 2000) and other laws, etc.
A sound and effective Techno-Legal Crisis Management Plan (CMP) would also be suggested by us. Summit meetings and world conferences have been convened on issues ranging from sustainable development to social development, and women and children. In December 2003, the World Summit on the Information Society (WSIS) was convened under the auspices of the United Nations. This meeting aimed to stimulate action to ensure that the information societies that are emerging today are more, rather than less, equitable than the societies that have preceded them.
Summit meetings generally lead to declarations of principles and intended actions. These are the result of lengthy negotiations that seek to find common ground between the disparate interests of government, business and, in the case of the WSIS, civil society, representatives from around the world. One important area that engendered considerable debate in the case of this Summit and the necessity for compromise was a core issue that is addressed in this volume – human rights and their legal protection. Human rights in the digital age are being contested very openly today.
The text of the WSIS Declaration of Principles espouses a common vision of the information society, particularly with respect to human rights. For example: ‘We reaffirm the universality, indivisibility, interdependence and interrelation of all human rights and fundamental freedoms, including the right to development, as enshrined in the Vienna Declaration. We also reaffirm that democracy, sustainable development, and respect for human rights and fundamental freedoms as well as good governance at all levels are interdependent and mutually reinforcing. We further resolve to strengthen respect for the rule of law in international as in national affairs.
We reaffirm, as an essential foundation of the Information Society, and as outlined in Article 19 of the Universal Declaration of Human Rights, that everyone has the right to freedom of opinion and expression; that this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers.
Communication is a fundamental social process, a basic human need and the foundation of all social organisation. It is central to the information society. Everyone, everywhere should have the opportunity to participate and no one should be excluded from the benefits the Information Society offers Nothing in this Declaration shall be construed as impairing, contradicting, restricting or derogating from the provisions of the Charter of the United Nations and the Universal Declaration of Human Rights, any other international instrument or national laws adopted in furtherance of these instruments CYBER TERRORISM IN INDIA AND CYBER WAR AGAINST INDIA-TECHNO-LEGAL RESEARCH AND TRAINING CENTRES IN INDIA The Private Defence in Cyberspace is also available against Cyber Terrorists and rouge Countries engaging in Cyber Warfare or Information Warfare.
Perry4Law, Perry4Law Techno-Legal Base (PTLB), Perry4Law Techno-Legal ICT Training Centre (PTLITC) and other Techno-Legal Segments of Perry4Law are managing many Research and Training Centres/Institutes. Some of them include Cyber Law, Cyber Security, Cyber Forensics, E-Discovery, Cyber Terrorism, Cyber Warfare, etc.
This initiative would also provide Techno-Legal Private Defence against Cyber Terrorists and States engaged in Cyber Warfare or Information Warfare. Further, this Centre/Institute would also provide Techno-Legal Policies, Strategies, Methodologies and Tools for Critical ICT Infrastructure Protection In India (CIIP) and abroad. Supreme Court Guidelines On National Security And Mobile Connections Verification In India Of late Indian Government has shown great concerns regarding National Security issues and national threats arising out of use of Information and Communication Technology (ICT). Indian Government has been stressing really hard to regulate and control ICT, especially the Internet and Mobile Communications.
For instance, the Central Monitoring System (CMS) Project of India has been proposed to regulate and control Telecom Communications over Telecommunication Infrastructure in India. Similarly, establishment of the National Cyber Coordination Centre (NCCC) of India has been suggested to exercise control over Indian Cyberspace.
While National Security is of paramount importance yet it should not be a ground to violate Human Rights and Civil Liberties. Human Rights Protection in Cyberspace is an area that requires urgent attention of United Nationsand International Community. The way National Governments are engaging in Illegal and Unconstitutional E-Surveillance and Phone Tapping, Civil Liberties in Cyberspace are in great danger.
I personally believe that there must be a “Constitutional Balance” between National Security and Human Rights Protection Requirements. Giving “Primacy” to one over the other, without engaging in a “Reconciliatory Exercise”, would be “Counter Productive” in the long run. l.lo9
The Big Brother must not overstep its Constitutional Limitations. For instance, the proposal of Indian Government to constitute an Agency that would scan all Tweets, E-mails, etc must maintain a “Balance” between Civil Liberties and National Security Requirements.
In a significant development regarding National Security arising out of use of Mobile Phones in India, the Supreme Court of India would issue “Directions” on Monday (26-03-2012) on the plea for making strict adherence to verification of consumers before providing connections for mobile phones in the interest of National Security.
The guidelines have been framed by the Central Government for tightening the verification process for mobile phone connections in India. The Telecom Regulatory Authority of India (TRAI) has also provided its inputs in this regard to the Supreme Court of India. A Bench of Chief Justice SH Kapadia, Justice AK Patnaik and Justice Swatanter Kumar reserved its order in the past.
However, the entire exercise seems to be a “Piecemeal Effort” as we have no dedicated Cell Phone Laws in India. The way developments are happening at National and International levels, enactment of dedicated Mobile Phone Laws in India are urgently required. Presently, they are missing and this is creating lots of problems to Telecom Operators, Consumers, Indian Government and various Stakeholders
National Counter Terrorism Centre (NCTC) Of India Got Cabinet Approval TheNational Counter Terrorism Centre (NCTC) of India is a “Dream Project” of Home Minister Mr. P. Chidambaram. The NCTC Project of India is also very “Significant” for the National Security of India. Terrorist Attacks against India are on increase and we need a “Specialised Institution” like NCTC to provide Valuable Intelligence Inputs and Leads.
According to Media Reports, the Central Government’s Cabinet Committee on Security (CCS) on Thursday cleared the proposal to set up NCTC. It is expected that the NCTC may get Cabinet Approval this month. It is also expected that NCTC would be an expanded form of the Multi-Agency-centre (MAC), the Nodal Intelligence Cell under the Union Home Ministry.
NCTC would be the “Central Body” that would include, among others, the Intelligence Bureau (IB)’s MAC, Joint Intelligence Committee, National Technical Research Organisation (NTRO) and the National Security Guard. NCTC would be supported by National Intelligence Grid (NATGRID) Project, Crime and Criminal Tracking Network and System (CCTNS), etc.
Projects like NCTC, NATGRID, CCTNS, etc are Crucial for National Security of India. However, they must be “Properly Planned and Executed”. These Projects should not face the same “Fate” that the Aadhar Project of India has faced.
These Projects must be implemented with Proper Planning and Foresight. Further, a “Special Care” must be taken get “Parliamentary Oversight” for these Projects before they are made “Operational”. These Projects cannot serve their purpose if they do not defend Civil Liberties and ensure Procedural Safeguards for Protection of Human Rights in Cyberspace through a Legal Framework. For instance, Intelligence Gathering should not violate Privacy Rights of Indians.
The NCTC would be reporting to the Union Home Minister and it has been reported that it would be “Accountable to the Parliament”. Presently Intelligence Agencies of India are not governed by any Legal Framework. Even the draft Intelligence Services (Powers and Regulations) Bill 2011 has failed to become an applicable law. Strangely, even the proposed CentralBureau of Investigation Act 2010 failed to become an applicable law.
As on date, both Intelligence Agencies of India and CBI are working in India without “Constitutional Laws” governing their operations. This is a “Serious Issue” that Indian Government must resolves as soon as possible. Even for the successful operations of Projects like NCTC, NATGRID, CCTNS, such “Parliamentary Oversight” is essential. I hope Mr. P. Chidambaram would consider these issues on priority basis.
Indian Judiciary, Cyber Law and Websites BlockingRecently a Lower Court was hearing a case where the complainant requested for an order to remove derogatory and obscene contents posted on various Social Networking websites. The Court ordered 21 Social Networking websites including Facebook, Microsoft, Google, Yahoo and YouTube to remove derogatory and obscene content by February 6, 2012.
The magistrate had summoned the accused companies to face trial for allegedly committing the offence punishable under section 292 (sale of obscene books etc), 293 (sale of obscene objects to young person etc) and 120-B (criminal conspiracy) of the IPC.
Recently another lower Court, in an ex-parte order, had directed the social networking websites to remove the objectionable content in the form photographs, videos or text which might hurt religious sentiments.
Indian Judiciary is trying to deal with Cyber Law issues in the absence of dedicated Social Media Laws in India. Although we have Information Technology Act 2000 (IT Act 2000) as the Cyber Law of India yet we have no dedicated Social Networking Laws in India. However, Cyber Law on Social Media and Networking Sites in India is still not adequate. It has, in fact, created more problems than solution.
The way Cyber Crimes are committed on Social Media websites in India, it has become a big nuisance for Indian Government to control the same. In fact, Indian Government asked Internet Intermediaries in India to pre screenusers’ contents in India. Internet Intermediary Laws in India have been made very stringent and they are required to follow Cyber Law Due Diligence in India. Naturally, Cyber Due Diligence for Indian Companies cannot be ignored any more in India.
However, Indian Executive are bypassing the Parliament of India by formulating Rules instead of getting proper Laws passed by the Parliament. This has created a situation where the Cyber Law of India has become a big nuisance and this Cyber Law of India must be Repealed as soon as possible. Since the Cyber Law of India is incomplete and self contradictory, even Indian Judiciary is confused in many cases.
For instance, cases of ignorant Judicial Blocking of Websites in India have increased a lot where even genuine and law abiding websites are blocked in a blanket manner. In most of the cases, an ex parte order is issued that is seldom contested and the websites remain blocked for an unreasonable period of time.
If Blocking of Websites in India is done to give effect to Laws that are Constitutionally Sound, there is no problem. But if corporate houses start misusing the process of law to get useful, genuine and law abiding websites blocked in India, this is a serious miscarriage of justice in India.
In fact, this amounts to violation of human rights in cyberspace that is happening a lot in India these days. It is high time for Parliament of India to intervene in this regard and enact a Sound, Effective and Constitutionally Sound Cyber Law of India that covers all these issues appropriately. E-Surveillance In India
E-Surveillance in India is a well known phenomenon. Whether it is telephone tapping or e-surveillance and electronic eavesdropping, Indian Government has been doing it for long and to the maximum possible extent. E-Surveillance in India is a death knell to privacy in India. The truth is that we have an over zealous and e-surveillance oriented Indian government.
We have no dedicated privacy laws, data protection laws, data privacy and security laws, etc in India. On the contrary, the Cyber Law of India, incorporated in the Information Technology Act 2000 (IT Act 2000), facilitates E-Surveillance, Internet Censorship, etc “Without any Procedural Safeguards”.
Indian Government acquired itself Unregulated, Illegal and Unconstitutional E-Surveillance, Internet Censorship and Website Blocking powers with no Procedural Safeguards. The IT Act 2000 was amended through the Information Technology Amendment Act 2008 (IT Act 2008) and this amendment gave Unconstitutional and Illegal Powers to Indian Government and its Agencies. With the notification of the IT Act, 2008, the journey from Welfare State to a Police State was completed for India.
Instances of Website Blocking in India and Internet Censorship in India have increased a lot. What is more worrisome is the fact that E-Surveillance and Internet Censorship in India have increased without any Constitutional Lawful Interception Law in India. Lawful Interception Law in India is missing and Phone Tapping in India is done in an Unconstitutional manner.
The Cell Site Location Based E-Surveillance in India is also in contemplation. Cell Site Data Location Laws in India and Privacy issues are once again ignored in this case. However, of all E-Surveillance Project, nothing is worst than the Aadhar Project of India and its implementing Unique Identification Authority of India (UIDAI) headed by Nandan Nilekani.
E-Surveillance is a direct violation of Human Rights in Cyberspace in India. Human Rights in Cyberspace are Outlawed in India. Human Rights Protection in Cyberspace is urgently required. In fact, E-Surveillance Policy of India is needed so that E-Surveillance can be conducted in “Exceptional Cases and Constitutional Manner only”.
If Unconstitutional E-Surveillance and Phone Tapping continue in India, Self Defense in Indian Cyberspace is the only viable option. However, there are circumstances when self defense in cyberspace ceases to exist. Further selfdefense against State must be always “Legal and Constitutional”.
World over Law Enforcement Agencies have been advocating maintaining a balance between Civil Liberties and National Security Requirements. India must also follow the same practice. I hope Indian Government would do the needful very soon.
FBI Mulls Fighting Cyber Crimes While Respecting Civil Liberties Human rights and civil liberties are well known world over. However, what is not very popular is the human rights protection in cyberspace. Governments and nations across the world are not very keen in protection of civil liberties in cyberspace. On the contrary, they are actively indulging in e-surveillance, e-eavesdropping and violation of various civil liberties and human rights in cyberspace and India is no exception to this rule.
Any government that respects human rights and civil liberties must maintain a balance between civil liberties, human rights and national security requirements. Further, a sound and constitutional e-surveillance policy is also required that clearly demarcates the nature, extent, procedure, etc of using e-surveillance for national security purposes.
The United Nations must protect human rights in cyberspace more vigorously. Presently UN has not taken enough initiatives in this regard. Of course, UN has declared that access to Internet is a human right but that is far from satisfactory.
If UN believes in human rights, it must start thinking towards its new form in this Internet era. There is no reason why human rights in cyberspace must be given any lesser importance than its traditional human rights. After all human rights like right to speech and expression, right to information, right to know, privacy rights, etc are similar in cyberspace. Rather violation of human rights in cyberspace is much easier and more frequent.
In a welcome move, a positive attitude in this regard has been shown by FBI Director Robert Mueller. He said that the FBI has to stay ahead of changing threats and new technology to keep the nation safe from terrorism, espionageand cyber-attacks, but must not get ahead of the rule of law and constitutional protections.
He opined that the cyber-intrusions, be they aimed either at stealing national security systems, military technology or the private sector’s intellectual property, or at disrupting public services or the private economy, is costing the nation billions. But adhering to the rule of law remains the FBI’s guiding principle, he said, and the bureau knows it’ll be judged on how well it safeguards the liberties for which it is fighting. Digital Privacy
As more of us conduct an increasing portion of our daily lives online, we create a growing and permanent digital footprint with every Google search, Facebook “like” and eBay purchase. Yet few of us give much thought to the consequences of all this e-disclosure or its cumulative effects over time. We express concern over our digital privacy rights in the immediacy of news reports regarding lost or stolen client data and appear to disapprove of organizations tracking our online behavior. However, even the most vigilant and digitally aware among us is oblivious to most privacy violations because they occur unheard and unseen.
This attitude and mentality must be adopted by all the law enforcement agencies of the world, including India. Till human rights in cyberspace are not respected and protected, the fight against cyber crimes would always remain biased and incomplete. Privacy as a human right may be a novel concept to some; however, it is actually enshrined in th e United Nations Universal Declaration of Human Rights. Moreover, digital privacy is emerging as an important human right particularly because it may be subjugated so easily.
The Global Network Initiative states “Privacy is a human right and guarantor of human dignity…. important to maintaining personal security, protecting identity and promoting freedom of expression in the digital age.” Unfortunately, legislative priorities largely appear to exclude digital privacy. According to the Electronic Frontier Foundation, “… the law has yet to catch up to our evolving expectations of and need for privacy.”
We see this in the U.S. where legislators have yet to update the Electronic Communications Privacy Act of 1986. At the same time, some question the motives of government action (or inaction) and express concern over what they perceive as an overstepping of authority, particularly regarding the collection, retention and analysis of personal data. In Germany, for instance, the Supreme Court ruled that country’s data retention law unconstitutional last year.
While the future state of regulation regarding digital privacy may be uncertain, many global companies are seeking to assure alignment between their human rights policies and practices and the United Nations Guiding Principles on Business and Human Rights: the “Protect, Respect and Remedy” Framework launched formally in April 2011. While the framework recognizes the State obligation to protect human rights, it also recognizes a “corporate responsibility to respect human rights, act with due diligence, and address adverse impacts.” Leadership companies, such as those in high tech, have been notably proactive in their efforts to address human rights.
This is particularly true of Symantec who is intimately familiar with the intersection of digital privacy and security through its core business: “The protection of individual privacy afforded by our products is critical to the protection of human rights. Indeed, many of our products, including encryption, endpoint protection, online backup, and antivirus software support the first three UNGC principles by enabling individuals to protect the secrecy of their communications and work products, to store their information with a trusted vendor, and to monitor and track attempts of intrusion into their information from other individuals and/or governments.“
We need look no further than Yahoo!, criticized for its role six years ago in providing a journalist’s personal data to Chinese state security officials that led to his conviction, for an example of a company that experienced unintended impacts on human rights simply by trying to comply with local law. (Last year Google reversed a long-standing practice of self-censorship). It is difficult to estimate the number of data requests made by governments to cloud computing companies. Going forward, however, it is imperative for a leadership company such as Symantec to be transparent regarding the number and nature of any such requests. Here companies such as Symantec can also turn to the Global Network Initiative for guidance.
Meanwhile companies such as Symantec are developing more and more sophisticated software in response to criminal and terrorist threats to the safety of information stored, shared or transmitted online. However, their efforts to secure online commerce and protect privacy may actually put them in direct conflict with governments concerned over the ability of criminals and terrorists to use encryption technology and for the need to have a sort of “master” key to unlock encrypted data.
Earlier this year, for instance, India threatened to suspend Research In Motion’s BlackBerry Messenger services arguing that it needed access to the company’s encryption data after similar threat from Bahrain. In July, a mortgage fraud case in Colorado turned into a Fifth Amendment test as the Electronic Frontier Foundation supported arguments that the U.S. Department of Justice could not compel an individual to disclose an encryption pass phrase on a personal computer. Again, going forward, companies such as Symantec who play an integral role in the security of the Internet would have to weigh the potential human rights impacts of sharing encryption keys with governments where there is not an immediate and compelling criminal or terrorist threat.
Facebook CEO Mark Zuckerberg suggested in a recent interview that Google, Microsoft, and Yahoo collect far more information about users than Facebook does saying “It’s just that they’re collecting (it) about you behind your back.” We hope that companies see this more as a rallying cry than criticism: As digital privacy continues to become a more critical aspect of human rights, transparency will also become increasingly important to the ability of Symantec and other leadership companies in the high tech sector to earn the trust and confidence of Internet users, governments and other stakeholders.
CONCLUSIVE NOTE ON : Privacy Protection In Cyberspace Should We Just Give Up? In 1980 the Organisation for Economic Cooperation and Development (OECD) adopted guidelines on the protection of privacy in the computer age. The OECD does not usually get involved in such human rights concerns. The reason that propelled the OECD into this issue was a fear that its member states, including Australia, would introduce incompatible and conflicting laws for the defence of privacy. This would result in serious impediments to the generally free flow of data across their borders and beyond.
This was the reason that brought together an expert group on privacy. I was elected to chair the group. Given the different cultures and legal systems of the 24 participants, it was remarkable that we achieved consensus. But once adopted, the OECD Guidelines, upon which we agreed, became highly influential on the laws of the member states.
The Australian and New Zealand laws on privacy for example basically adopted the privacy principles expressed in the Guidelines and accepted the high measure of flexibility which they permitted. The key provisions required limitations on the needless collection of personal information, security of such information once in the system and a right of access by a data subject to his or her own personal information so as to know what others were seeing in that person’s data profile. Privacy Protection More Complicated
Since the 1980 guidelines, the world has moved increasingly to recognise the close inter-relationship between an open and dynamic economy and an open and dynamic democracy operating under the rule of law. This has led bodies such as the OECD and the World Bank into an increased appreciation of the importance of good governance for sustained economic development.
The protection of basic human rights is vital in this context for the growth of global markets upon which depend the economic viability and strength of the economy of every nation. Yet the world, particularly in the field of information technology, has changed beyond recognition from the world into which the OECD Guidelines came nearly twenty years ago. It is therefore timely to consider the changes and some of their implications. We must ask, as The Economist did in May 1999:
Are we witnessing “the end of privacy”? The most important change has been brought about by the growth of the World Wide Web, the unstoppable expansion of the Internet and the rapid development of e-commerce. Use of the Web more than doubles every twelve months. Looking ahead, it is necessary to envisage the way in which the lives of human beings will be altered as the global network of interconnected users of information technology becomes bigger and ever more powerful.
Can individual privacy survive in such a world? In the past, the chief practical protection for privacy lay in the sheer cost of retrieving personal information and the impermanency of the forms in which much information was stored. However, such practical safeguards largely disappear in the digital age. It is not always appreciated by users of the Web that without specific initiatives on their own part, their visits to particular websites can often be resurrected, presenting a comprehensive profile of their attitudes and interests. That profile may illustrate the subjects inclinations: political, social, sexual and otherwise. Informed writers are therefore already suggesting the necessity for new principles to protect individuals appropriate to today’s technology.
The suggestions include the assertion that privacy today involves a right not to be indexed; a right to encrypt personal information effectively; a right to secure human checking of adverse decisions made on computer profiles; a right to