MHA advisory on Cyber Crime Prevention and Control

The Ministry of Home Affairs released a circular on 13th January 2018 to all the State Governments and UT Administrators recommending some measures towards better Cyber Crime prevention in the respective Sstates and UTs.

Copy of the Advisory

The Circular took forward a couple of recommendations which the T. K. Vishwanathan Committee on amendment to ITA 2008  was supposed to have proposed.

In particular, it has now proposed that the States should act on the setting up of

a) State Cyber Crime Coordination Cell and

b) District Cyber Crime Cells

This was proposed as a suggested amendment to the Criminal Procedure Code. Instead of the Center attempting to make amendment to CrPc, it appears that the responsibility has now been cast on the respective State Governments.

We need to wait and watch which State Governments are more concerned about Cyber Crime prevention and take action.

In these suggestions, it is proposed that the State may set up a State level coordination cell headed by a senior police officer of the ADGP/IG rank and ensure a district level, station level facilitation of cyber crime prevention activities. This will ensure that a police officer with the right kind of orientation to Cyber issues can be assigned this responsibility and the legacy system which is burdened with physical security responsibilities is not burdened with Cyber Crime prevention management which is alien to their culture. It is a great opportunity for the Police system to bring about a seminal change in the way Cyber Crimes are presently handled in the States.

The second suggestion to form District level Cyber Crime cells is also a significant step in the direction of better Cyber Crime Prevention since it envisages a support system for the SPs in the districts in which at least three domain experts in Information Technology. Mobile Telephony, Digital Forensics and Cyber Laws hired from the market. This is an acknowledgement that it is not always possible to get the expertise from within the recruits to the Police system and there is a need for public-private partnership.

The procedure to be adopted for involving the external persons need to be properly conceived. It is preferable if these “Experts” are not on an employment contract. If so it will become another Government job and will be decided on the basis of money and influence. Instead the SP should be given powers to recruit the assistance of experts by creating an expert panel and pay consultancy fees on short term contract basis. Only then the services of real experts would be available. Otherwise the system would degrade over a system into yet another Government department and will not be of use.

The Advisory of the MHA highlights the need for inter-state cooperation in Cyber Crime investigations which should be facilitated to a large extent if the State level Coordination cell becomes operational in most of the State. Naavi.org had tried to convince TN and Karnataka Cyber Crime Police Stations to take an initiative in this direction more than a decade back to bring together all the four southern states into a monthly meeting. But the idea was not taken up formally to higher levels by the then officers though I had received a positive response from both TN and Karnataka officers.

The idea of “Mobile” Cyber Forensic labs proposed is also a recommendation that had been made to Karnataka Police long time back and it is good to see the idea being revived now. The Mobile units would assist in “Quick Response” to Cyber Crime complaints so that evidence should be secured at the earliest. It is needless to say that the evidence gathering team should be fully aware of the legal issues involved in maintaining the Chain of Custody and the Section 65B evidentiary certification requirements so that they donot accidentally render evidence un-usable.

The Advisory also suggests use of BPR&D resources for capacity building and release of funds for training of Police on Cyber Crime related skills. Hopefully it would be put to good use by the States.

Another important suggestion made by the advisory is to set up a “Cyber Intelligence” system to monitor the Internet including the “Deep Web”. This brings us back to another ancient suggestion made by Naavi to set up a “Friends of Cyber Police” system where voluntary members from the public would assist the Cyber Crime Police with information and assistance to track crimes.

We must however recall the recent incident where a hacking group had stated that when they had penetrated several sleeping terror cells and wanted to pass on the information to the Government, there was lack of interest . This was perhaps in Kerala where the State Government is known to be supportive of some communal forces and hence might not have shown interest. But I hope MHA must have by this time taken up the matter under their investigation and the Central Government should take steps to see that such complaints should not arise in future.

As regards “Online Complaints”, it appeared that the website mentioned in the advisory is still not functioning. I had recently put out a detailed article How Do We Improve Cyber Crime Management System in India?.. and also suggested a procedure  to Relieve Cyber Police in India of needless burden and make them more focused.I wish the suggestion is taken up for immediate implementation at least by some of the States.

This suggestion was based on an actual experience where it was found that Mumbai Cyber Crime Cell was reluctant to initiate an investigation of a complaint by issuing an IP resolution request and the delay will ensure that the tracking trails vanish. The Mumbai Cyber Crime Police were therefore guilty of deliberately allowing the potential accused to get away and the top management of the Mumbai Police were unable to take preventive action. This will remain an example of how corruption in the Cyber Crime policing system affect the success of Cyber Crime investigations and Naavi.org will continue to talk about this though it may not be palatable to MHA both in the center and Maharashtra state.

The suggestion of the online complaint receiving system along with the suggested “Friends of Cyber Police” and “Raising of IP resolution request by designated NGOs” would go a long way in addressing the issues raised by Naavi in the Mumbai Cyber Crime investigation fiasco.

I hope the MHA takes up follow up action on the Advisory and push at least the BJP ruled states to start implementing the suggestions.

Naavi

Reference Articles

How Long Will Google take to resolve an IP Address?… Make all intermediaries pay for the delay
I was on 16 and Going on 17….I need everyone….to know me and comply…says ITA 2000/8 Proposed Amendments to ITA 2000 and Privacy Protection
Redefining the scope of ITA 2008.. in the amendments..
Suggestions on Modification of ITA 2008
Domain Name Regulation in ITA 2000..to be amended
Police, Prosecutors and Judiciary: Please Don’t Create Fake Laws out of your misinterpretation
How to Relieve Cyber Police in India of needless burden and make them more focused

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law and tagged , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.