CYBER LAW is seen as an essential component of criminal justice system all over the world. The same applies to cyber law of India as well. In the Indian context, the Information Technology Act, 2000 (IT Act, 2000) is the cyber law of India. It is the exclusive law in this regard and is under the process of amendments.
India has done a good job by enacting a cyber law. It is the 12th country of the world having a cyber law. It covers areas like e-governance, e-commerce, cyber contraventions and cyber offences. However, some critics and cyber law experts have questioned the strength of IT Act, 2000. It would be prudent to analyse the exact position that applies to the Indian cyber law.
Praveen Dalal, the leading techno-legal ICT, cyber law, cyber security and cyber forensics specialist of India, says, “Although India has done a good job by enacting the IT Act, 2000 yet it failed to keep it updated. For instance, we need express provisions and specified procedures to deal with issues like denial of service (DOS), distributed denial of services (DDOS), bot, botnets, trojans, backdoors, viruses and worms, sniffers, SQL injections, buffer overflows etc. These issues cannot be left on mere luck, implied provisions or traditional penal law of India (IPC). Even issues like cyber war against India or cyber terrorism against India have not been incorporated into the IT Act, 2000 yet.”
Some of these issues are also cross-linked with capacity building requirements of India in the field of cyber security in India and cyber forensics in India. A crucial truth that India failed to appreciate is that e-governance in India is useless till we are capable of securing it as well. Without the crucial capabilities in the fields of cyber security and cyber forensics, India is heading towards a big trouble. Even the basic ’e-mail tracking’ procedures sometimes pose as a big challenge before the law enforcement agencies in India. Interestingly, some of the legal experts have shown their support for prosecuting owners of e-mail addresses and Internet Protocol addresses relying upon ’common law principles’ not knowing exactly the nature of the Internet.
“It would be a ’dangerous trend’ to follow to arrest or detain suspects on the basis of mere ’IP addresses’ or ’e-mail addresses’ as they are very easy to be spoofed and forged. Even MAC addresses can be spoofed in certain circumstances and for many purposes, particularly for identity theft cases in wireless connections. It is important to apply common sense and first ascertain the identity of real culprit. Of course, it requires tremendous cyber forensics expertise to correctly trace the culprit. The recent case of wrongfully arresting an innocent person and imprisoning him for a considerable time is a glaring example of faulty and novice cyber forensics application in India. The inability of the Government of India to meet these conspicuous deficiencies of the legal enablement of ICT systems in India is stifling the growth of ICT laws in India,” explains Dalal.
The present cyber law of India does not cover these issues and there is a dire need of incorporating the same as soon as possible.
