As India awaits for the 2024 Lok Sabha elections to be completed and for the new Government to take charge, many of the long pending suggestions of Naavi are likely to find place in the immediate 100 day implementation plan of the next Modi Government.
One such thing is setting up of the National Cyber Security Agency (NCSA). Another focus area is the control of mobile crimes and introduction of the “Calling Name Presentation (CNAP).
The NCSA will likely to be the umbrella organization for managing Cyber Crime prevention.
Refer Economic Times article here
The NCSA needs to function with a “Cyber Space Jurisdiction” cutting across the State Police Jurisdictions and take over many of the intra state Cyber crimes which have given raise to many mafia centers in Bharatpur, Nuh etc. where criminals are unable to be controlled by the state police for various reasons. Similarly, CNAP should significantly reduce the vishing frauds.
We need similar law and procedure to ensure that E-Mail sender’s identity and domain name identity is also displayed. Without waiting for Google and Proton mail to introduce such systems, NCSA itself should introduce a “Digital Identity Gateway” which should be integrated with the browser and email clients and display the sender identity or domain name registrant identity.
Appropriate consent can be made available by the user of the service without infringing on the Privacy .
Hopefully the rules of DPDPA 2023 will also be released during the same time. Naavi.org may publish a document shortly on the 26+ required notifications that the Government needs to make to indicate that it is not an insurmountable task any way given the intentions.
There is also a proposal for NFIR (National Financial Information Registry Bill). This should change the current non compliant system run by CIBIL and other rating agencies under the Credit Information Companies (Regulation) Act 2005 which has conveniently facilitated siphoning off of lakhs of crores worth of data of Indian Bank customers to USA. RBI has in its certification system failed to monitor the activities of these companies and today TransUnion a US Company is the owner of TransUnion CIBIL and personal information provided to Bankers for the purpose of a loan/credit card is without proper consent shared with the US entity. This should stop and the new Act is an opportunity to correct this monumental mistake.
Naavi
