Sunday, February 25, 2007

Cybersecurity

This blog entry relates to Cybersecurity, including cyber forensics, with a closer look into how these are applicable in India.

The Information Technology is double-edged sword, which may be used for destructive as well as constructive work. Thus, the fate of many ventures depends upon the benign or vice intentions, as the case may be, of the person dealing with and using technology. The use of techniques used for hacking, data theft, virus attack, etc can bring only destructive results unless and until these methods have been used for checking the authenticity, safety, and security of the technological device which has been primarily relied upon and trusted for providing the security to a particular organization.

Cyber Forensics

The concept of cyber security and cyber forensics are not only interrelated but also indespensably required for the success of each other. The former secures the ICT (Information and Communication Technology) and e-governance base whereas the latter indicated the loopholes and limitations of the adopted measures to secure the base. The latter also becomes essential to punish the deviants so that a deterrent example can be set. There is, however, a problem regarding acquiring expertise in the latter aspect. This is so because though a computer can be secured even by a person with simple technical knowledge the ascertainment and preservation of the evidence is a tough task. For instance, one can install an anti-virus software, firewall, adjust security settings of the browser, etc but the same cannot be said about making a mirror copy of hard disk, extracting deleted files and documents, preserving logs of activities over internet, etc. Further one can understand the difficulty involved in the prosecution and presentation of a case before a court of law because it is very difficult to explain the evidence acquired to a not so techno savvy judge. The problem becomes more complicated in the absence of sufficient numbers of trained lawyers in this crucial field.


The Cyber Forensics has given new dimensions to the Criminal laws, especially the Evidence law. Electronic evidence and their collection and presentation have posed a challenge to the investigation agencies, prosecution agencies and judiciary. The scope of Cyber Forensics is no more confined to the investigation regime only but is expanding to other segments of justice administration system as well. The justice delivery system cannot afford to take the IT revolution lightly. The significance of cyber forensics emanates from this interface of justice delivery system with the Information Technology.

The need of Cyber Forensics

The growing use of IT has posed certain challenges before the justice delivery system that have to be met keeping in mind the contemporary IT revolution. The contemporary need of Cyber Forensics is essential for the following reasons:


The traditional methods are inadequate: The law may be categorised as substantive and procedural. The substantive law fixes the liability whereas the procedural law provides the means and methods by which the substantive liability has to contended, analysed and proved. The procedural aspects providing for the guilt establishment provisions were always there but their interface with the IT has almost created a deadlock in investigative and adjudicative mechanisms. The challenges posed by IT are peculiar to contemporary society and so must be their solution. The traditional procedural mechanisms, including forensic science methods, are neither applicable nor appropriate for this situation. Thus, “cyber forensics” is the need of the hour. India is the 12th country in the world that has its own “Cyber law” (IT Act, 2000). However, most of the people of India, including lawyers, judges, professors, etc, are not aware about its existence and use. The traditional forensic methods like finger impressions, DNA testing, blood and other tests, etc play a limited role in this arena.


The changing face of crimes and criminals: The use of Internet has changed the entire platform of crime, criminal and their prosecution. This process involves crimes like hacking, pornography, privacy violations, spamming, phishing, pharming, identity theft, cyber terrorisms, etc. The modus operendi is different that makes it very difficult to trace the culprits. This is because of the anonymous nature of Internet. Besides, certain sites are available that provides sufficient technological measures to maintain secrecy. Similarly, various sites openly provide hacking and other tools to assist commission of various cyber crimes. The Internet is boundary less and that makes the investigation and punishment very difficult. These objects of criminal law will become a distant reality till we have cyber forensics to tackle them.


The need of comparison: There is a dire need to compare the traditional crimes and criminals with the crimes and criminal in the IT environment. More specifically, the following must be the parameters of this comparison:

Sunday, February 11, 2007

Freedom of Exrpession on the Internet

As part of my first blog entry, I want to concentrate on why exactly Freedom of Speech and/or Expression is such a big deal where the Internet is concerned. Let's face it - The Internet is by far the easiest form of communication for people of all ages and all geographical locations. In essence, its a large common area where anything that anyone wants to say can be heard by anyone else on the Internet. Over the last few years there have been many debates regarding the extent to which people should be allowed their right to freedom of expression on the Internet. In my opinion, although the net provides an average person with the power to speak his/her mind out to over a million people worldwide, no country should have the right to censor the contents posted by another user, unless it causes a direct physical threat to some other user.

This very principle of freedom of expression is the most important value that a society can uphold, if we are to believe that progress of human civilization depends on individual expression of new ideas, especially unpopular ones. People who have used the Internet realize the value of this freedom, as they have been benefited by its ease of access. Examples exist such as the
Tiananmen Square rebellion in China in 1990, where the Internet kept Chinese communities around the world, especially in universities, in touch with the current events through email and the newsgroups, bypassing all government censorship. If believed that there is an inherent value in truth, and that the average human being has the right to know this truth, especially that regarding his community, then the ability of the Internet to promote freedom of expression is very important. Although attempts have been made, and have been somewhat successful, in censoring or regulating the content provided to users in many countries, there is often a price that must be paid for this regulation, which may be quite high in the long run.

On a social level, one may argue that if all the potentially dangerous or offensive material were to be removed from the net, it would be reduced to a “child’s reading room”3. Citizens of a country should be allowed to view information that is true and precise, rather than being fed a sugar-coated version. Secondly, the very fact that censorship of the Internet attacks the underlying First Amendment of the U.S. Constitution should be enough to outlaw such censorship. Thirdly, an open marketplace of ideas provides a populace with the best means of making an informed decision, and lastly, it would be impractical to censor all content on the Internet. If one country were to ban the viewing of some website, the content could easily be transferred to an offshore location and be viewed just as easily as before.