India’s cyber infrastructure needs more than patches

Source: This post is created based on the article India’s cyber infrastructure needs more than patches”, published in The Hindu on 3rd September, 2022.

Syllabus Topic: GS Paper 3 – Cyber Security

Context: Cybercrime is increasing with the increased use of information and communication technology (ICT). However, the capacity of the enforcement agencies to investigate cybercrime remains limited.

According to the National Crime Records Bureau (NCRB), from 12,317 cases of cybercrime in 2016, there were 50,035 cases registered in 2020.

In Arjun Pandit Rao Khotkar vs Kailash Kushanrao Gorantyal case, SC settled the rules on admissibility of electronic evidence.

The Court held that a certificate under Section 65B(4) of the Indian Evidence (IE) Act was a mandatory pre-requisite for the admissibility of (secondary) electronic record if the original record could not be produced.

States are responsible for creating the infrastructure for the cybersecurity, whereas center is responsible for providing the uniformity in the legislations.

What are the challenges in dealing with cyber or computer-related offences?

No separate procedural code: There is no separate procedural code for the investigation of cyber or computer-related offences. The nature of electronic evidence is entirely different compared to traditional crime.

A five-judge committee suggested Draft Rules for the Reception, Retrieval, Authentication and Preservation of Electronic Records. However, it is yet to be given a statutory force.

Recruitment of technical staff for the investigation of cybercrime is not happening at the required pace. Any person with academic background in the arts, commerce, literature, or management cannot identify digital evidence.

Authority to investigate: As per Information technology Act, an offences registered under the act, cannot be investigated, by an officer, below the rank of an inspector. However, there are not enough inspectors in a district for that purpose.

Examiner of Electronic Evidence: While most State cyber labs are sufficiently equipped to analyse hard disks and mobile phones, many are yet to be notified as ‘Examiner of Electronic Evidence’ (by the central government) to enable them to provide expert opinion on electronic records.

Trans-national cybercrimes: It is very difficult to investigate the Trans-national cybercrimes. In these cases, blocking of an objectionable website or suspect’s account is the only option available with the authorities.

What should be the future course of action?

First, the broad ‘guidelines for the identification, collection, acquisition and preservation of digital evidence’ are given in the Indian Standard IS/ISO/IEC 27037: 2012. Which are issued by the Bureau of Indian Standards (BIS). The guidelines are sufficient to ensure that electronic evidence is neither tampered with nor subject to spoliation during investigation.

Second, a sufficient capacity build up is required to handle cybercrimes. It could be done either by setting up a separate cyber police station in each district or range, or having technically qualified staff in every police station.

Third, Information Technology (IT) Act, 2000 should be amended and make the officers of the rank of sub-inspector, eligible to investigate the cybercrimes.

Fourth, the central government has proposed launching a digital rupee using block chain technology soon. State enforcement agencies need to be ready for these technologies. Cyber forensic laboratories of States should be upgraded by providing modernisation funds by the centre.

Fifth, Data localisation must be implemented to deal with the transnational crimes happening in India.

Sixth, the Indian police receives a CyberTipline reports on online Child Sexual Abuse Material (CSAM) from the U.S.’s non-profit agency, the National Center for Missing & Exploited Children (NCMEC). India should develop its in-house capacity and/or makes intermediaries accountable to identify and remove online CSAM for immediate action by the police.

Print Friendly and PDF
Blog
Academy
Community