IT Act Amendments and Cyber Terrorism
The amendments proposed to IT Act 2000 in the
form of IT Act amendment Bill 2006 (ITAA 2006) have been under
consideration since mid 2005. The undersigned has been following the
developments closely and the developments have been well captured as the
history of development of Cyber Laws in India
at Naavi.org
In the aftermath of the Mumbai terror attack,
there is now a renewed interest on legislation in India which is aimed at
defending the nation against all forms of terrorism. Under this blinding
glare of terrorist attacks, it is being stated that the ITAA 2006 is likely
to be passed (refer
reports emerging from the Internet Governance Forum at Hyderabad).
The reports are likely to be mis understood as a quick
response to the current crisis since one of the new clauses to be inserted
is on "Cyber Terrorism". Before jumping to such conclusions, it is
necessary to understand that the amendments were first proposed through a
hand picked pre-motivated expert committee intervention to protect the
"Intermediaries" from vicarious liabilities and the requirement of "Due
Diligence". The amendments were also meant to reduce the powers of
the police in handling cyber crime situations. At this time, despite
suggestions at its lap, it ignored provisions on Cyber Terrorism, Spam etc.
Yet the Government machinery went on bragging in the
media that the amendments were meant to strengthen the Cyber laws in India.
Naavi.org had taken up a mission to expose this hypocritical approach of
the Government to go soft on legal measures to control cyber crimes.
Thanks to a vigilant Standing Committee of
the parliamentarians who came down heavily on the motivated amendments
proposed, the draft bill was sent back to the MCIT for redrafting. What we
now see is the amended amendments consequent to this three years of fight
carried on against the earleir draft by Naavi.org and other cyber law
specialists in the country. It was the specific suggestion of the Standing
Committee (report
available at Naavi.org) that a suitable clause on Cyber Terrorism must
be introduced in the law.
Now it appears that under the shadow of the terror
attacks, the amendments will be pushed through in the next parliament
session with the ruling party supporting it as a response against the
recent attacks.
While we do expect that some improvements are bound to
be made to the law, it is necessary for us to be vigilant on how the
amendments treat the section 79, 80 and 85 of the present act. Sec 79 is
the crucial section which talks of the liability of the intermediaries such
as Cyber Cafes, ISPs, websites. hosting companies etc. A regulation of
these entities is very much essential for control of cyber crimes and
terrorism. Any attempt to dilute this would be considered a direct attempt
to soften the laws in favour of criminals. Section 80 which provides powers
to the Police for arrest and search in public places is sought to be
deleted completely. We need to know if this section has been restored in
the amendment to amendment. Section 85 hopefully remains untouched.
The Government has been very secretive of the latest
draft of the amendments. While some of the spokes persons of the department
selectively leak some provisions to the media and speak about it in the
seminars, they have refused to part with a copy to the expert committee for
the fear of being analyzed and criticized.
It is this lack of transparency which raises a concern
that the amendments will not entirely be an attempt to stregthen the law.
We need to keep our fingers crossed and wait to see the full text before a
proper comment is made.
It is necessary for us to recall here that in Pakistan,
Cyber Terrorism is an offence for which there is a "Death Penalty". Now it
is to be seen if the amendments to the amendments about which we are so
hopeful, provide such stngent penalty.
In fact we need to see how the term "Cyber Terrorism"
will be defined. We all know that what constitutes "Terrorism" is already
understood. If this is committed using computers, the current laws are
itself sufficient to bring "Terrorist acts committed through use of
computers". There is no need for calling this as "Cyber Terrorism". If
this approach is used, then a terrorist may get a lighter sentence for
"Cyber terrorism under ITA 2000" than what he would get under IPC or
Unlawful Activities Prevention Prevention Act etc. If there is an
overlapping definition of Cyber Terrorism under ITA 2000 and IPC etc, there
may be legal loopholes created for the benefit of terrorists.
It is necessary to retain the current operational
definition of terrorism for which death penalty is already available
whether they are committed with the use of computer or not. What we need to
add as "Cyber Terrorism" is acts such as use of Internet for terrorist
propaganda, money settlement, communication leading to planning and
execution of terror plan, mass defacement of websites of the country, DDOS
and Trojan attacks aimed at cyber assets of the nation, etc .
Will the amendments try to do this?... It is unlikely.
I would therefore like journalists in India along with
other Cyber Law and Cyber Security specialists to keep a strict vigil on
the proposed amendments as may be presented in the Parliament to get a
correct, unbiased view of the effect of the amendments. Let us not be
carried away by the mere propaganda.
At the same time I still urge the MCIT to put the draft
for public view so that there will be some element of consensus on its
effectiveness. I also urge the MPs to ensure that the draft is made public
before it is finally passed.
Naavi of www.naavi.org
Na.Vijayashankar
December 05
2008
Related Article: 5 key Steps to
National Security