Concern for
Privacy Rights Vs National Security
The first version of the amendments to
ITA 2000 culminating in the passing of the Information Technology
Amendment act 2008 on Dec 22/23 in the Indian Parliament was the
recommendation of the "Expert Committee" (ITAA 2005). Published on
August 29, 2005, it created a huge backlash amongst those who were
concerned about Cyber Crimes. Naavi was in the forefront of a volatile
campaign against the proposals in very strong terms. The toned down
version which was introduced as the next version of the proposed
amendments was Information Technology Amendment bill 2006 (ITAA 2006).
While ITAA 2006 was an improvement over ITAA 2005 and had
removed some ridiculous suggestions contained there in, it continued
to be heavily slanted in favour of Intermediaries and ignored the
needs of the Police and National Security. The timely intervention of
the Parliamentary Standing Committee seems to have worked wonders and
the slant in the final version (ITA 2008) now passed by the Parliament
has swung drastically to the other extreme where sweeping powers have
been provided for Interception, Monitoring, Blocking of websites etc.
This has naturally raised some criticisms from the Privacy supporters
and this article tries to analyse the provisions of ITA 2008 in this
regard. ..... Naavi
Comments of Naavi on the Amendments Proposed to
ITA-2000 vide ITAA 2008 Regarding Privacy Concerns
(This is part I of the three part article
Part II ,
Part III)
From the reactions coming up
in Press and Blogs on the amendments brought to ITA 2000 through ITA
Amendment Act 2008 (ITA 2008) it appears that certain provisions which will
have an impact on Privacy Rights of Individuals will be the most talked
about and most criticized aspect of the new avatar of ITA 2000.
One can recall that in 2000, when the parent act
ITA 2000 was passed, one section (and the only section) which was debated
and criticized both in the Parliament and in the media was the
"Draconian Powers of Police" to "Arrest Without Warrant" under Section 80.
Compared to what is now introduced in ITA 2008, it appears that the Section
80 of ITA 2000 was a small cracker while the current proposition is an RDX
explosion. It is therefore natural that lot of dust is being kicked up on
these provisions.
However it is necessary for all of us to
remember that 2008 is not 2000. In 2000, the biggest Cyber threat under
consideration was the "I Love You" Virus. Now we need to contend with the
"Botnets", "Phishing", "E-Extortions", Cyber Terrorism", "Cyber Wars"
etc. etc. It was therefore natural that the concern of the legislators had
to be on "Cyber Security". The casualty was unfortunately the "Privacy"
since the two are not fully compatible. They are two ends of the balance and
if one goes up the other has to come down. Balancing the Privacy
expectations with Security needs has therefore been a challenge.
We may recall a recent
tragic event in Bangalore (on the night of December 27th) where a
security guard in a defense establishment encountered a stranger atop the
house of a Brigadier at 1.30 am (middle of the night) who started to run
away when being asked to surrender and was shot dead. (It was subsequently
known that the person was a 19 year old engineering student running away
from traffic cops). There are already a few Human Rights Activists
who are blaming the guards and questioning why they could not try to catch
him instead of shooting him down. These people have forgotten what happenned
in Mumbai last month when three of the officers of ATS were shot down by
terrorists before the Police could understand whether what was going on was
a "Gang war" or a "Terrorist Attack". Under the circumstances, any
reasonable individual must come to the conclusion that the guards had every
right to sense danger and open fire, not withstanding their sympathies to
the bereaved family.
Similarly, in the light of the emerging cyber security
threats, it is natural for the Government to think of ensuring that the law
is strong enough to meet the requirements. In fact, if one takes a look at
the measures that US took after the 9/11 attack and the passing of the US
PATRIOT Act, there was every reason to appreciate the necessity for tough
laws. In fact Naavi has been
advocating the necessity for an Indian version of the US PATRIOT Act (Uniting
and Strengthening
America by Providing
Appropriate Tools
for Intercepting and
Obstructing Terrorism".
We need to recognize the fact that the provisions in the Act is only an
enabling provision and the checks and balances required to prevent misuse of
law needs to be incorporated in the rules and regulations that needs to be
formulated now. We strongly believe that if we are vigilant and persuasive,
we can ensure that sufficient safeguards are built into the system to
prevent abuse of the provisions.
We need to analyze the
provisions of the ITA 2008 in this background
(Continued..
Part II available here)
Naavi
December 30, 2008
Related Article:
Why USPATRIOT ACT is Required in India-2
Why US PATRIOT Act is required in India? ..1
Unified approach key to National Cyber security
IT Act Amendments and Cyber Terrorism
5 Key Steps to Cyber Security
National
Seminar on Privacy Rights and Data Protection in Cyber Space
Other Articles on ITA 2008
