Harshita Singh,
Faculty of law, BHU
INTRODUCTION
We are living in a globalized digital age, and even the remote person is aware of the happenings of the globe. The concept of a global village is a reality, and it is not new that Indian laws are inspired by international legal frameworks. But, as far as cyber law is concerned, International cyber laws play an imperative role in framing the laws of India. The digital landscape was emerging; the need to shield cyberspace was felt necessary. This scope included the protection of citizens from the growing threat of Cyber Crime and ensuring a secure environment for trade and business to flourish.
A country cannot work alone; international trade and commerce are getting more dependent on e-based infrastructure. Hence, India's support to make its cyber laws align with the rest of the globe is strategic and vital. It impacts the ability to conduct frictionless international transactions, build trust in international partnerships, and ensure that Indian entrepreneurs can compete advantageously in the international marketplace. This also highlights the point that India believes in responsible digital governance, which is inevitably going to attract foreign investment and collaboration in technology. This will enhance the global image of India.
Before the Information Technology Act 2000 (IT Act)
There were some cyber regulations in India, although they were not as comprehensive or specific to cyber issues as the IT Act itself. There were: -
• Indian Penal Code (IPC) of 1860: It does not contain anything specific for cybercrimes, but certain sections of IPC can be applied to offenses committed using computers or the internet. While not specifically designed for cybercrimes. For example, provisions related to fraud, cheating, forgery, and defamation could be relevant in some cybercrime cases.
• Indian Evidence Act of 1872: In this act the provisions of admissibility of electronic evidence which could be applicable in cybercrime investigations and prosecutions were there. But nothing was particularly for the specific challenge of digital evidence.
• Specific Sectoral Regulations: Certain sectors, i.e., banking and finance had some rules and regulations regarding electronic transactions and data security. But They had limited scope.
All the above legal mandates for addressing cybercrime in India before the IT Act were independent and hence were lacking complete essence.
International Influence on Indian Cyber Law: -The journey of India in cyber law is devised by the gradual incorporation of international legal principles.
❖ Early Development of Indian Cyber Law: India's journey in cyber law began with the passing of the Information Technology Act in 2000 (IT Act)[i]. This milestone legislation, while doing a commendable job at that time, is still seen to be providing a very rudimentary understanding of the electronic landscape. It borrowed copiously from the UNCITRAL Model Law on Electronic Commerce of 1996[ii], which did reflect India's yarning to latch its legal contour to the established international contours for the e-world. However, it was focused only on enabling e-commerce and facilities for digital transactions. This had tried to do the following:
• Provide legal recognition to electronic relationships and electronic records of the dealings or transactions conducted over the Internet.
• Providing for directed e-governance and the facility for filing and submitting documents with different government authorities online.
• Promoting leveling e-commerce and associated legal issues, including digital signatures, e-contracts, and online payments.
❖Increasing Scope and International Cooperation: - However, as cyber threats and the transnational nature of cybercrime evolved, a more sweeping legal framework became necessary. In 2001 Council of Europe adopted the Budapest Convention on Cybercrime, it is the first international treaty on cybercrime, India became a signatory to this treaty in 2008[iii]. In that year only amended the IT Act to include the provisions of cybercrime, data protection, and intermediary liability. There was a shift in focus from trade to encompassing cybercrimes. It introduced several new sections specifically addressing cyber crimes including:
• Identity theft
• Cheating by impersonation using computer resources
• Breach of confidentiality and privacy
• Cyber terrorism
• Publishing or transmitting sexually explicit material
• Child pornography
• Disclosure of information in breach of lawful contract
❖ The UN Declaration and National Initiatives: - In 2011 The UN General Assembly resolutions on "Developments in the Field of Information and Telecommunications in the Context of International Security"[iv]addressed the issue of offering international cooperation imperative for addressing cyber threats. In turn, India in 2013 institutes the National Cyber Security Policy as well as the National Critical Information Infrastructure Protection Centre (NCIIPC)[v]. It was established as a nodal agency that strengthened the cyber legal framework to safeguard the critical information infrastructure (CII) of India. It has two objectives to fulfill,
• Identifying and Designating Critical Information Infrastructure: it will Identify sectors and infrastructure that are critical to the nation's security, economy, public health, or safety, and designate them as CII. This includes sectors like power, finance, telecommunication, transportation, and government systems.
• Protecting CII from Cyber Threats: Implementing measures to secure CII from cyberattacks, cyber espionage, and other cyber threats. This involves risk assessment, vulnerability management, incident response, and security audits
❖Further development: - The General Data Protection Regulation, called the GDPR, of the European Union[vi], was passed in 2016 and came into force in 2018. In India also the right to privacy was declared a fundamental right under the constitution by our Honorable Supreme Court in Puttaswamy v. Union of India (2017)[vii]. This decision has had far-reaching implications for data protection and privacy laws in India. All this led to the passing of the Personal Data Protection Bill of 2023, which seeks to regulate cross-border data flows and data localization while seeking the protection of the personal data of Indian citizens. PDPB has also incorporated the regulations given under GDPR.
The Path Forward
What is further, this question will always remain hovering over us, and also in such a dynamic realm of cyberspace where everything changes in a short period. What is expected: -
Continuous Engagement with Evolving International Legal Developments: - Digital Technology is evolving at an unprecedented pace. Cyber threats and criminal tactics are continuously changing, and international laws and standards should also be regularly updated to address these new challenges. And Indian lawmakers need to incorporate these insights into law, then only the country can make sure its cyber laws remain relevant and effective. For example, the advent of Artificial Intelligence has put many questions before the law, for which there is no specific law currently, although developments are there, and the EU has also proposed a law. It shows how laws need to upgrade themselves with evolving technology.
Strengthening International Collaborations to Combat the Transnational Nature of Cybercrime: Cybercrime has no borders. It is difficult for a single nation to tackle it alone. Collaboration in sharing information and coordinating in investigation can only bring these cybercriminals under the law. India should actively participate in international agreements and partnerships aimed at combating cybercrime.
Protection of Fundamental Rights and Freedoms in the Digital Realm: Increasingly, as more of our lives go online, our fundamental rights, be it freedom of speech or privacy, find new meaning. But these rights can, at times, get into a tussle with the need for security and law enforcement. The Indian cyber law needs to strike a very proper balance between these competing interests.
Considering the aforementioned factors, India can ensure that its cyber law framework remains resilient, adaptive, and respectful of individual rights within the increasingly complex digital order
Conclusion
India’s experience with cyberlaw is a testimony to the dynamic give-and-take between national interests and international cooperation. As the world continues to go digital, the lawmakers and legal professionals in India must continue to keep a close watch to ensure that the process of legal framework is speeded up, keeping abreast with the process of technological development, at the same time safeguarding the policy of national sovereignty and individual rights. As India learns from international best practices and enhances global cooperation, it will create a strong, firm, and hearty cyber legal regime that will promote users, increase innovations, and establish a safe and secure digital future for everyone.
References
[i] Information Technology Act 2000
Ministry of Electronics and Information Technology, Government of India
[ii] United Nations Commission on International Trade Law (UNCITRAL). (n.d.). UNCITRAL Model Law on International Commercial Arbitration. https://uncitral.un.org/en/texts/arbitration/modellaw/commercial_arbitration.
[iii] Information Technology Act 2000
Ministry of Electronics and Information Technology, Government of India
[iv] United Nations General Assembly. (13 November 2013). Developments in the field of information and telecommunications in the context of international security (A_68_406-EN ). United Nations Digital Library. https://digitallibrary.un.org/record/760918?v=pdf.
[v] National Critical Information Infrastructure Protection Centre. (2019, January 24). Website of National Critical Information Infrastructure Protection Centre. [National Portal of India]. https://www.india.gov.in/website-national-critical-information-infrastructure-protection-centre.
[vi] European Union (EU). (n.d.). General Data Protection Regulation (GDPR)https://gdpr-info.eu/.
[vii] K.S. Puttaswamy and Anr. vs. Union of India ((2017) 10 SCC 1).
Comments