WATBlog’s Take on India’s Outlook towards Cyber Terrorism and How To Impeach Privacy
(1 votes, average: 4 out of 5)
Loading ...
The Indian news vine seems to be full with the Indian government’s decision to keep a closer eye on the cyber cafes, thanks to recent terror attacks in the country. Already, a lot of cyber cafes have been asking for photo-id cards before you can go in & surf. Now come a few more regulations. First, Mumbai cafes have been asked to install CCTVs (closed circuit television) in addition to the already introduced system of logging identity cards. (Just pray that your wife won’t have the right to ask for footages to check on that ‘Candy Foxx’ you chat with, after office hours.) The cyber cafes have also been mandated to get registered on a Rs 100 stamp paper and shall also have to pay a renewal fee of Rs 250 every two years, alongwith Rs 500 per annum as registration fee. If you think that’s enough, here’s the rocker of all. The cyber cafe owners have been asked to store information regarding internet browser, website history, internet cookies, downloads and proxy logs, for the next 6 months!
Yes, we still think we are living in a democratic country. What I am surprised at is the lack of furore among the blogging community. First, I fail to understand how the Government is being allowed this serious an impeachment of privacy. Secondly, it also beats my intelligence on why the officials would get into so much of a hassle in their quest to track every single keystroke of the Indians.
Let us, first, try to find a more approachable solution to problem that the authorities face -
How to log every single key being pressed in India?
This is where I can see branded cyber cafes making big bucks! Establishments like Reliance Web Worlds, Zapak & Sify already have the required infrastructure in place. Users do need to get themselves registered before they can surf on the web. What I suggest is to include government issued identity numbers (like PAN Number, Driving License Number, Passport ID etc) as a part of the registration process. Since, surfers need to log in to be able to surf, all their online activities already get logged and tagged on their heads. Moreover, normally, the machines used in aforementioned establishments have been programmed to delete all private data after you log off. Since the authorities, anyway, plan to log every private detail, these softwares could be modded to first upload the data onto a central government server and then delete them off, thus relieving the cyber cafe managers off the load and responsibility of collating the data and storing them for 6 months. (Just a idea here - do you think Google Profile shall be interested to make a deal with the ruling party to share this huge data? In that case, how much would the data sharing process be charged for?)
Now coming to private entities - since such a registration system is absent in most of the privately owned cyber cafes, rather than trying to enforce logging of data, installation of cameras and taking surprise visits, Indian government could program such a software that would be capable to do all that I have suggested above and ship them to every cyber cafe owner, during their registration process. This software could also include applications that could automatically log how long a user had been online and after logoff, informs the owner how much to be charged for the time.
How to unify the complete system, so that cyber cafe users find peace of mind (ironic, eh?)
Since I have already mentioned the idea of a central government controlled database, it can also come up with the same login software for every single computer on the public domain, branded or non-branded, that can be made compulsory to be used. Next step would be to get the netizens registered into that database, with required documents, the way we do for gas connection, passport and the likes. Now, there remains no issue of carrying documents with you, 24×7, just because you suddenly might feel the need to go surfing. All you need to do is visit a cyber, log in to the central database and get going. This also saves the cyber cafe owners off all the hassles concerning high costs of installation and the hassles of maintaining records!
Finally, how can we prevent the breach of privacy?
Privacy? What’s that? Didn’t you know that India has decided to follow China’s footsteps?
Seriously, if you are reading this online (I specifically mention online ‘coz I have high hopes this article might get noticed and printed on some distinguished publication, one day :-P) there is a 99.999% chance that you access and use emails to communicate to your friends and acquaintances. Now, technically, it is very much possible for someone working with your email service provider to read through your emails. (I am considering emails here because that is what we consider to be our most private online property) Yet, how many times have you ever stopped sending a personal email worrying that someone somewhere might be stalking you? The factor here, is faith! You trust your email service provider that it won’t share your data with others.
You’ve got no choice but to show the same faith in our government too. We shall have to believe and trust that our data will be safe and secure with them. Truthfully, with the amount of data they already have, about us, any man can be scooped up and made never to exist, in the first place? You do not believe me? Suppose you had applied for the visa and suddenly realized that no data exists in the official servers, on you. You try ordering a gas cylinder and they tell you there is no registered account on your name. All of a sudden, you’ll realize there’s nothing in this world that can prove that you even exist, let alone having a private life!
Yes, there is a way to overcome all the dilemma (and I’m sure it won’t stay like that for long). All you need to do, if you do surf the internet, is buy a computer for yourself and start hunting for a free and unsecured wireless connection in your neighborhood. It has become quite a commonplace these days, anyway!
1) Everything that you do on the internet is as it is logged. So no need for any special tracking software by cyber cafes or govt. Anything that is done by a user is stamped with his IP address. The IP address will trace back to the cyber cafe and the log would be enough thereafter to track the user. So no need for govt to develop any software for this purpose.
1.5) For general billing and logging Cyber Cafe softwares are v famouns and made by reputed cos like rhombus tech.
2) Installing CCTV is not practical. Instead whoever doesn’t have a valid govt id should be asked to get his photo recorded on the cyber cafes webcam.
3) And registration of Cyber Cafes should have been online. I had personally seen Cyber Cafes shut down due to harassing by the cops (you know what i mean) when the user register rule was imposed some years back.
Here is a encounter i had with cops last week. http://annkur.com/2008/07/30/maintaining-law-and-order-isnt-easy-or-is-it/
With the falling rates of broadband, as it is CyberCafe margins are under pressure. Why increase their burden and kill the industry.
Alright people…!!! You stay in India. The popuulation is exceeding everything that can be measured… The government does not have trained staff to check cyber crime…. and the cherry on the top is that most of your police officers know their hindi and regional language but the computer language is unknown.
Therefore the practicality of the solution mentioned above- “these softwares could be modded to first upload the data onto a central government server and then delete them off, thus relieving the cyber cafe managers off the load and responsibility of collating the data and storing them for 6 months. (Just a idea here - do you think Google Profile shall be interested to make a deal with the ruling party to share this huge data? In that case, how much would the data sharing process be charged for?”
is as good as zero.
“What I suggest is to include government issued identity numbers (like PAN Number, Driving License Number, Passport ID etc) as a part of the registration process.”
how many of them have these identifications…?? unfortunately there is no system of social security numbers…here in India. That is the reason we have to have so many identification marks.
One of the biggest things that lacks in India is the lack of implementation of the IT Act.The act that was to provide relief from cyber crimes…itself was drafted by computer illetrates…so how do you expect that our intelligence will be able to keep up with the tech savvy killer machines…
Another thing that I would like to mention here is that though the IP Address are tracable… they can be traced to outside our country… and the Jurisdiction of our law finishes on the border. The western countries would welcome the investigations…but the Terrorists are in such countries who will not even welcome a dialogue with our diplomats let alone help initiate investigations in their country that too by our officers.
I know that the entire country will be shouting breach of privacy…breach of Fundamental rights… but all this is subject to the soveriegnity of our country. I am surprised none of you realise that what will you do with your privacy when you are being bombed…
Indian government is just trying its level best to control the terrorrists from bombing us alive…!!!
And I personally feel that the lack of co-operation that a common man gives to the government just gives the courage to the killer machines… instead to fighting against the government…for once we should get together and fight against the actual threat.
“government does not have trained staff to check cyber crime” - The Cases are investigated by (ASCL) Asian School of Cyber Law on behalf of the Govt. And they are the ones who are assisting in reforming and drafting the IT Act. Being a student of Cyber Crime Investigations, I can tell you that ASCL is qualified and capable of solving these cases.
“solution mentioned above” - As I said, everything is logged, govt needs to do no effort in logging data. So the soln about some software by the govt above is IMO not required. They have to only ensure that which person was logged in with that IP address.
“The act that was to provide relief from cyber crimes…itself was drafted by computer illetrates…so how do you expect that our intelligence will be able to keep up with the tech savvy killer machines…” - Sorry As i said, though it has loopholes, ASCL has cabaple ppl working for the govt.
“I know that the entire country will be shouting breach of privacy… …. lack of co-operation that a common man gives to the government just gives the courage to the killer machines” - The only cooperation the common man has to give is to make sure his Pc and WLAN connection is not misused by trojans and hackers for criminal purposes. Again privacy concern dosn’t come in here, coz as it is everything is logged and reviewed in case of a police case.
Just a little incomplete sentence in my earlier comment on line 9 & 10
“They have to only ensure that which person was logged in with that IP address … is TRACEABLE (Logged / Verified)”
What great solutions. Another one i suggest is immeasurable but worked like magic for Nazis. Alter citizens, shop owners can inform the police of any suspicion.
Allow me to highlight a more important perspective in the discussion (it was given a mere 2 line space in the article, but i think it deserves more merit than that).
Causing terror fundamentally would mean thinking beyond and thinking forward…be it 9/11, be it the domestic bombings, the terrorists have used ‘forward thinking’ to their best advantage. They used cyber cafes when we thought they wouldnt, now they are using the path which we ‘think’ they wouldnt!
Even in the recent case of Ahmedabad bombing it was proved right…I think it will be foolhardy for any terrorist to go to cybercafe and operate from there, because as you all rightly said, there is a formidable fear of being traced. So they are using the ‘wi-fis’. With the devices available dime a dozen, it becomes a cake walk for the miscreants to access the invisible internet gateways all around us and use it to their advantage. The problem and the solution therefore for us is :-
Educating the citizens on the importance of locking their wi-fis and not keeping it an open platform. Where I work, if I were to step out and search for wi-fis through my phone, I can trace atleast 10 open /free gateways.
Also the agencies have to really think futuristically. Cyber Cafe tracking to my mind is actually and incidentally futile now, the terrorists have moved forward with times…its about time that we do the same…
Come on…. I Agree with shitij. Any cyberterrorist dumb enough to even consider working from a CYBER CAFE Is asking to be caught. In this day and age of WIFI networks with horrendously insecure encryption and Wide open Free for all networks i don’t think anonymous and malignant connectivity is awesome. Consider this what is some one uses a Fake ID(God knows how easy that is to get in india). Use EDGE or 3G or Any other cellular data cards to roam around with a laptop and attack on the move and discard when its done. Hehehehehe all the so called “Intelligence” agencies will have is a pattern of cell grids lighting up showing where he has been.
very nice to see people lamming about cyber terrorism :-
1111…….
terrorsists are smarter than u fellow bloggers ……..cos they can use cell phones to transmit the data and how would govt keep track of 25 crore subscribers…and not to forget that the e-mails which govt traces are only for information sent to tv channels cos terrorist talk in crypted language with their fellow members……
2222……
as far as registration in cybercafe is concerned it would wipe off many cybercafe goers cos most of them are in the age of 13-17….so no documents and there parents wont be giving their documents for child’s play///
bad news for companies like ideacts
in this country i do not expect cyber terrorism to be countered (as u guys called it)any time soon what i only wish is that govt atleast govt sites are not compromised cos that jeopardies countries reputation and makes information available to hacker………so guys forget cyber terrorism and focus on anti hacking measures for govt servers……….
“they can use cell phones to transmit the data”??
GPRS? call? ya SMS? - Using a cyber cafe is safer than a Cell Phone.
“as far as registration in cybercafe is concerned” - Yeah thats true, proper registration would be difficult. But then I guess we aren’t banning internet for kids under 18. So School or College Ids would work.
“anti hacking measures for govt servers……….” - Precaution can be taken, but its a fact that No System in this world is 100% secure. Neither can it be, off course unless you shut it down, bury it in the ground and put an axe over it J
@abkur
in a country where one can get forged ration cards sim cards can be taken too……..wake up dude…………what u think terrorist use cybercafe to transmit their planning…..u must be kidding me………when cell phone can be used in jails and not traced ….same is the case with terrorist
222222………..
id cards are already asked by many white label cybercafe’s but it is of no use….should i xplain it in detail…..
3……
i know even u.s site gets hacked but in india service is more rampant and it was also showcased in economictimes that govt do not get pro level hackers due to low payout………
………
I feel tracing a cell phone is easier than a Cyber Cafe! Cell phone pin points the location of the person, while Cyber Cafe can only signify the place where the info was sent from.
And the name is Annkur!
what would u do after tracing a cell phone when all the addresses provided during registrations are forged…….and the sim card ends up in gutter……
what would u do after tracing a cell phone when all the addresses provided during registrations are forged…….and the sim card ends up in gutter……its not the name but the work that matters………..
Bhai,
1. The SIM card if used by the terrorist would give exact details to the police as to which area and route they were traveling to and from.
2. The options given by me above for Cyber Cafe norms. (comment 1)
3. I am not saying what they will use. But what should be the security norms, that won’t affect the common man. And would not open up further means of corruption and bribery.
govt can enforce any measures to protect cyber crime of all sorts under public scrutiny but people will find a way to beat the system specially here cos even after caught it would be very hard to prove the charges….and i mean it for all crimes………terrorist are much more mindful than us so never ever underestimate them………..instead of focussing on nagging people who send e-mails they should better be good in home security because in a country where people find it tough to fight terror govt running around cyber crime is just an excuse nothing else….wake up call for every one
Impressive dicussion…!!!
@Ankur-
I too am an ex student of ASCL. And I would like to say… that even though ASCL is actively involved in the tracing etc, it is very important to to educate our policemen and intelligence feild officers in the new technological advanced tactics of warfare.
@ Raghav-
You know, you are sounding as if you want that the government should fail in all its attempt to track the criminals. Do you have a better solution, for the problem…???
What really is needed is some strong policies that give a little autonomous status to the intellegence…!!! A separate cell and group of dedicated people for fighting this henious crime. Because the CBI is messing up big time… and they are more interested in making chargesheets against the dammed politicians…!!!
More stringent laws… and amendment of the IT Act along with the IPC and the CrPc. A special bench in the Supreme court just to try these cases… and no intervention of any God Damn NGO and Human right activists… (Afzal should be shot in public)
And I say this again… Its us who give the terrorists the room to operate… the day we turn against this all at once instead of being a mob for our politicians.. no one would dare put us under threat…!!!
this all discussion is about terrorist using cyber cafe as a gateway as i earler said they r smarter……doesn’t every1 know that the threat-mail in recent blast were traced to a wifi connection which again proves what i said earlier cyber laws will not help prevent terrorism what we really need is good home security….terrorist will not use means which we want them to use…..so forcing strict cyber cafe laws will not help any cause………
@sakshi there is a solution for everything but the only way our govt in india can do right is to outsource their technological requirement for cyber security to third party cos indian govt implemets wonderful schemes with many flaws….perfect example would be mid-day meal scheme which was a nice idea to make poor kids attend schools but what finally happen according to govt information 1\3rd of resources is wasted in mid-day meal scheme and it runs in crores so couldn’t an outsource to a third party had improved the quality of food coupled with more no. of studrnt deriving benefit from it…….i personally feel that cyber law would be the next big opportunity in tech business but not now after many years….cos with increase in cyber crime not just cyber terror but all sort of crimes would make every govt in the world think about policing the netizens population just like they control citizens….
the perfect solution will be to make mobile verification mandatory for e-mail accounts…..we can afford to do it cos there are 25crores+ mobile in india and only 5 crores internet surfers…..so every surfer must be having a mobile………
this would solve the bigger problem which is of abuse on internet cos people would be making less fake accounts and would mind their behaviour as rgey know that there mobile numbers are with e-mail provides……..this was even implemented by in.com…even this system can be bypassed with fake mobile accounts but how many people would buy a new sim card for new e-mail account for abuse purposes……this system if implemented would cos evry country to take notice of it and copy it …….but as i said indian govt just wants to follow the footsteps of us counterparts these kind of solutions r hard to expect with it this would keep a check on netizens activity and this was just a single piece of what we can do effectively cos there are many slutions to solve crimes
OMG - bye bye freedoms..bye bye privacy. Just wait and watch how copyright groups hijack government initiatives at tackling terror to their advantage. The game will change from a war on terror to a war on piracy.
@ Raghav:
YOU DO NOT OUTSOURCE YOUR LAWS AND HOME SECURITY….!!!
To supplement my answer I would simply say- That the kings in olden times outsourced their security needs to the brits…and then we were a slave nation…
If you have been reading your newspapers, you would know that the whole opposition to the nuke deal was about letting go of our soveriegnity.
There are somethings that cant be outsourced to any kind of third party. Next you would say that there is a backlog in the cases being heard by the judiciary, so we should outsource that too…!!! (You almost implied that only).
Like, Ankur said, the whole cyber crime is being investigated by a private body called ASCL. But I still stick to my points which I made in my previous comment. And my dear, mobile verification is mandatory… its just that we still live in a democracy and in a chinese society… !!!
read my word carefully this is wat i said:”can do right is to outsource their technological requirement for cyber security to third party cos”……did i ever mention outsource any home security or law making body to another company…….now in a country where govt allows 74% fdi in telecom sector which is of very sensitive kind to our security and 100 per cent private participation in defence industry with 26 per cent FDI in defence sector how come outsourcing cyber logging would make a dent into our economy and i only suggested outsourcing technological requirements like softwares, training govt personnels,and all others needs to put in place a proper mechanism to counterpart the problem because the problem is not just of cyber terrorism but of cyber abuse which is happening on a larger scale…… there could even be a law to cap the fdi for the companies participating in tender process
….and how come mobile verification became compulsory for opening e-mail account except the in.com case….
….isnt the case of opening an account online through mobile can be replicated for the whole net world be it pornography site or commerce site this would filter out bogus acounts…..
now the question on freedom of internet users………..stopping of abuse is not a breach of privacy but a meaningful need for human society to maintain law and discipline in the cyber world(a.k.a internet)…..
it could be of lesser scale than the patriot act in u.s cos small pain in people’s working could be compensated with higher security of their life…….
Super post Shayon.. you have kicked up quite a good discussion here…
Whoa! Take a chill pill, folks!
@ Raghav
Yes, I do understand that the Indian government can always outsource the mastermind to help them thread the whole idea into reality. However, I am not too sure if you’re aware of the fact that the brightest of the brains in the country happen to be employed by he defense? Yes, I do agree that, more often than not, there’s disappointment. Yet, I always have faith in the country’s intelligence bureau! They might be a bit slow, ‘coz of lack of exposure, but are yet better than the mosta round the globe!
Coming to your idea of mobile verification, even if I consider your given figures (regarding number of subscriptions) accurate, I think I should give you a piece of info that 5 years back, I didn’t possess a cell phone but did happen to be a proud of 56 working email addresses
I guess you are smart enough to gather my hint.
@ Annkur
I love the zeal with which you fight for what you believe in.
You say, every thing one does on the internet is logged? Well, yeah, it’s true. But how do you trace a certain activity back to the right individual?
@ Sakshi
Yes, I know that it is a huge concern over a man’s privacy. But did you ever stop back and think about the little question of faith on which I had concluded this article?
@ Shalini
Hehe…it was actually supposed to be a satirical post, u know
@ Maneesh
Thanks for the words of encouragement, man!