Saturday, April 12, 2008

Interview with: Pavan Duggal; Advocate, Supreme Court of India

A warning against the Internet’s dangers


Cybercrimes ranging – from child pornography and racism to identity theft, fraud and cyber terrorism – were addressed at a Council of Europe conference in Strasbourg on April 1 – 2.

More than 200 participating experts from all over the world, as well as representatives of governments, police forces and the Internet industry – including Microsoft, eBay, Symantec and McAfee – interacted in a series of workshops while reviewing the effectiveness of current cybercrime legislation, identifying new threats and trends and discussing ways to improve international co-operation and the functioning of the 24/7 contact points.

The guidelines were floated based on the existing Council of Europe Convention on Cybercrime and call for formal partnerships between internet service providers (ISPs) and law enforcement.

On the sidelines of the Conference, Pavan Duggal, Advocate, Supreme Court of India; President, Cyberlaws.Net; President, Cyberlaw Asia; Member, .org Advisory Council, spoke to Tejinder Singh, Editor-in-Chief of New Europe about his experience and vision on the subject.

Q.

The guidelines adopted at the Conference are voluntary for ISPs and law enforcement, and are intended to be a set of best practices to supplement a particular country’s existing laws against cybercrime. Do you find these enough to face the growing menace of cybercrime?

A.

The guidelines adopted at the conference are a very interesting way to deal with the emerging menace of cybercrime. Considering the fact that different countries across the world have different national legislations that impact cyber crimes in one way or the other, it is extremely important to come across a common platform of understanding which should encapsulate the best practices pertaining to cooperation and sharing of information between the law enforcement agencies and the network service providers.

In this regard, the guidelines that have been approved at the conference are a tremendous move forward. The said guidelines are the repository of all prevailing international best practices pertaining to cooperation between law enforcement agencies and the Internet service providers.

Although these are voluntary in nature, these become the starting point for developing a healthy cooperative relationship between the police and the network service providers. The said guidelines cover in detailed and minute manner, the various nuances that are essential for a healthier relationship between the law enforcement agencies and the service providers.

I personally see the guidelines adopted at the conference as a great step forward and subsequent attempts will only try to better the existing body of knowledge that has been so encapsulated in the best practices that have been so encapsulated in the said guidelines.

Q.

What are the legislative avenues available to law enforcement officials to tackle cyber crime?

A.

There are various legislative avenues that are available to law enforcement officials to tackle cybercrimes. The said legislative avenues depend upon nation to nation and depend upon the various prevailing laws that have been so legislated and prevailing at the relevant time in the concerned national jurisdictions. For example, to take the case of India, India has got a distinct law relating to the electronic environment which has detailed provisions on various cyber crimes and the punishments of the same.

Q.

Being a cross-border crime, what do you see the future at the global level?

A.

The future belongs to Cybercrime. The last decade has shown that while technology has developed on a neck breaking speed, the law is invariably behind technology when it comes to regulating cyber crime. That explains the reason why, despite having the best of intentions, nations are not able to keep abreast. Their existing laws are still not able to tackle cybercrime and the cutting edge level. In the coming times, I have reason to believe that cybercrime is going to grow extremely rapidly, who will become extremely sophisticated and will become far more pervasive in the relevant years.

Q.

According to some experts, France, UK and US have good legislation while rest of the world including rest of Europe is still struggling to get a hold on the situation? How do you see the progress being made in this sector?

A.

The progress in the area of having appropriate national legislations to regulate cybercrime has been very erratic. There have been some nations which have come across with good legislations to prevent and regulate cyber crimes. However the vast majority of the nations still have no clue on how to effectively deal with cyber crimes. I think the progress in this area, progress will also be in fits and starts. We are not likely to have a uniform trend of all countries simultaneously coming up with good legislations to cover cyber crimes.

Q.

India, a vibrant democracy and open society is on a fast track to the Virtual World. How do you perceive the Indian government handling the situation arising out of this?

A.

The Indian government has been alive to the need for regulating various kinds of kinds of cyber crimes. Despite the fact that the Indian Information Technology Act 2000 is an ecommerce enabling legislation, still the Indian government inserted various provisions concerning different cyber crimes and the punishment in order to effectively regulate emerging cyber crimes in India.

Various provisions concerning different cyber crimes were inserted in the Indian Information Technology Act 2000. The cyber crimes covered include the offence of hacking, damage to computer source code, publishing obscene electronic information, breach of protected system, breach of confidentiality and misuse of Digital Signature certificates.

Q.

Indian police are still considered a baton-wielding, tobaccochewing and rough-handling force so how do you see it coming to grips with cybercrime?

A.

This is one of the big challenge areas. It is true that the Indian police has to change itself radically in order to come to grips with cybercrime. A majority of people in the Indian police do not even have knowledge of computers and their functionality.

Under the Indian cyberlaw, since cyber crimes are perceived to be specialised crimes, they can only be investigated by police officer not below rank of a Deputy Superintendent of police.

However, practical experience has shown that DSPs invariably do not have the time to investigate cyber crimes. It is high time that the Government comes up with a dedicated budget on creating more awareness and training on cybercrimes.

Q.

As you are actively involved at domestic level in the prosecution of Cybercrime, please give some examples of how it was tackled and what you expect in future?

A.

I am involved on a very active level at the domestic level in India. I was the counsel for the complainant in India’s first cyber crime conviction that took place in 2003. This is a case where my client was a big multi-national electronics company and on its own website, a call centre executive had misused the credit card number of an American lady who had no knowledge of the transaction. The Central Bureau of Investigation registered the case of the complainant and thereafter arrested the call centre executive, who was convicted for online cheating. Thereafter there has been only one the conviction pertaining to cyber crime in India.

Q.

Moreover, how these experiences can be shared at global level?

A.

The experiences of India can be shared on a global level. India can also become a model leader, if it comes up with adequate and effective provisions which are a deterrent against the commission of cyber crimes. In addition, these experiences can be shared at the global level for developing countries, who have not enacted any cyber laws, and/or laws on cyber crimes in order to not reinvent the wheel but leapfrog keeping in mind the experiences of nations like India in regulating cybercrimes.

Q.

What are your recommendations to Indian federal and state governments when it comes to dragging their feet while making legislation on this subject?

A.

My recommendation to the Indian federal and state governments is that India as a nation needs to act very fast when it comes to the area of the regulating cyber crimes. In India, it will be imperative to have an appropriate dedicated legislation specifically dedicated to cyber crime, which should supplement the Indian Penal Court.

Q.

How vulnerable we are today in the growing social technical world?

A.

We today are extremely vulnerable in the growing social technical world. The Web 2.0 phenomenon has brought in social networking as the norm of the day. People are getting onto the social networking bandwagon without any application of mind and without thinking the potential consequences of revealing all their personal information on such networks. If people today are not careful about placing their personal information on the Internet, they may have to repent for a lifetime for the same. Unfortunately people have no clue about what kinds of information is being targeted and misused by Cyber criminals. People need to be extremely careful about the dangers of Internet as they emerge.

Q.

How has your experience been enhanced by attending this Council of Europe Conference on Cybercrime?

A.

The Octopus Conference on Cybercrime organised by the Council of Europe has been a unique learning opportunity. The quality of speakers, the variety of subjects covered and the depth of the discussion that has taken place, has been remarkable and the said conference has immensely increased enhanced my perspectives on various nuances of different emerging cyber crimes and its related trends across the world.

This conference has provided not just an opportunity to listen and interact with the best minds working in this area but also has provided a platform to share about the ongoing developments pertaining to Cybercrime legislation that exists in India.

This conference has also enabled me to update the members of the world community about the various developments that are taking place in India pertaining to regulation and prevention of Cybercrime.

All said and done, this conference has been an excellent opportunity for learning, interaction and more importantly for expanding the midstream horizons and discussing about newlyemerging trends and thought processes concerning cyber crime across the world.

No comments: