India’s cyber infrastructure needs more than patches

Source: This post is created based on the article India’s cyber infrastructure needs more than patches”, published in The Hindu on 3rd September 2022.

Syllabus Topic: GS Paper 3 – Cybersecurity

Context: Cybercrime is increasing with the increased use of information and communication technology (ICT). However, the capacity of enforcement agencies to investigate cybercrime remains limited.

According to the National Crime Records Bureau (NCRB), from 12,317 cases of cybercrime in 2016, there were 50,035 cases registered in 2020.

In Arjun Pandit Rao Khotkar vs Kailash Kushanrao Gorantyal case, SC settled the rules on the admissibility of electronic evidence.

The Court held that a certificate under Section 65B(4) of the Indian Evidence (IE) Act was a mandatory prerequisite for the admissibility of (secondary) electronic records if the original record could not be produced.

States are responsible for creating the infrastructure for cybersecurity, whereas the center is responsible for providing uniformity in the legislation.

What are the challenges in dealing with cyber or computer-related offences?

No separate procedural code: There is no separate procedural code for the investigation of cyber or computer-related offences. The nature of electronic evidence is entirely different compared to the traditional crime.

A five-judge committee suggested Draft Rules for the Reception, Retrieval, Authentication, and Preservation of Electronic Records. However, it is yet to be given statutory force.

Recruitment of technical staff for the investigation of cybercrime is not happening at the required pace. Any person with an academic background in the arts, commerce, literature, or management cannot identify digital evidence.

Authority to investigate: As per the Information technology Act, offenses registered under the act, cannot be investigated, by an officer, below the rank of an inspector. However, there are not enough inspectors in a district for that purpose.

Examiner of Electronic Evidence: While most State cyber labs are sufficiently equipped to analyze hard disks and mobile phones, many are yet to be notified as ‘Examiner of Electronic Evidence’ (by the central government) to enable them to provide expert opinions on electronic records.

Trans-national cybercrime: It is very difficult to investigate Transnational cybercrimes. In these cases, blocking an objectionable website or suspect’s account is the only option available to the authorities.

What should be the future course of action?

First, the broad ‘guidelines for the identification, collection, acquisition, and preservation of digital evidence’ are given in the Indian Standard IS/ISO/IEC 27037: 2012. Which are issued by the Bureau of Indian Standards (BIS). The guidelines are sufficient to ensure that electronic evidence is neither tampered with nor subject to spoliation during the investigation.

Second, a sufficient capacity build-up is required to handle cybercrimes. It could be done either by setting up a separate cyber police station in each district or range or by having technically qualified staff in every police station.

Third, Information Technology (IT) Act, 2000 should be amended and make the officers of the rank of sub-inspector, eligible to investigate the cybercrimes.

Fourth, the central government has proposed launching a digital rupee using blockchain technology soon. State enforcement agencies need to be ready for these technologies. Cyber forensic laboratories of States should be upgraded by providing modernization funds by the center.

Fifth, Data localization must be implemented to deal with the transnational crimes happening in India.

Sixth, the Indian police receives a CyberTipline report on online Child Sexual Abuse Material (CSAM) from the U.S.’s non-profit agency, the National Center for Missing & Exploited Children (NCMEC). India should develop its in-house capacity and/or makes intermediaries accountable to identify and remove online CSAM for immediate action by the police.

Print Friendly and PDF
Blog
Academy
Community