CyberLaws: Ensuring your trash doesn’t become someone’s treasure
Ensuring the safety and security of personal data is very important, however with the rise of cybercrimes globally, there was a need for a structure or authority that includes laws that identify standards of acceptable behavior set particularly for Information and communication technology users. Cyberlaw in general protects and prevents harm to data, systems, infrastructure, and people. Cyberlaw is not only the protection of human rights but it also sanctions the investigation and prosecution of crimes committed online. Cyberlaw is designed to keep a check on the activities conducted online and to protect people from any sort of abuse or harm in the digital space. To describe it in the most appropriate way, it is “paper laws” in the “paperless world”.
ROLE PLAYED BY CYBERCRIME LAWS
Cybercrimes are unlawful activities that are usually traditional in nature – forgery, theft (identity theft), defamation are subject to the Indian Penal Code. Cybercrime can be used by making the device as a target and using one device to attack or steal information from other devices, examples of which are Hacking, Virus/Worm attacks, DOS attacks, etc. In a different case, devices can also be used as a weapon to commit real-world problems of virtual crime which include Cyber Terrorism, IPR violations, Credit card frauds, EFT frauds, Pornography, etc. While the Internet has become a very prominent tool for all businesses and individuals, it comes with its fair share of trouble. To become a victim of illegal cyber activities like fraudulent transactions is very common and a lot of people from our family and friends have faced it too. Cyber laws mainly exist to protect people from becoming a victim of online fraud and it also sets certain rules for internet users. They are extremely helpful for business organizations that operate on a system on a daily basis; many organizations follow policies, legal regulations, and cybersecurity guidelines that are important for employees to work safely.
CYBER LAWS AND ACTS FORMULATED BY THE INDIAN GOVERNMENT
The government of India framed The Information Technology Act, 2000 which provides legal protection and recognition for all transactions carried out online. It is aimed at safeguarding all the data and communication exchange that takes place and it also prevents the unlawful use of the operating system. There is a lot of information and records that are stored in a computer system, it can include the data of employees, clients, or even in a completely different setting, data of students and healthcare workers which can be damaged or used for unauthorized activities. The IT act specifically punishes those involved in cybercrimes like hacking, denial-of-service attacks, phishing, malware attacks, identity fraud, and electronic theft.
The Indian government has also launched ‘Cyber Swachhta Kendra‘ as part of the Government of India’s Digital India initiative. Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre) aims to create secure cyberspace in India. In order to prevent further infections, it notifies, enables cleaning, and secures systems of end users.
OTHER RULES AND REGULATIONS FRAMED UNDER THE IT ACT:
- The Information Technology rules 2011 ( Sensitive personal data or information – SPDI rules)- security rules and practices to be taken care of for the collection and processing of any personal data or sensitive information.
- The Information Technology Rules 2018 ( Procedures for the protected system) – It states the specific information security measures to be executed in organizations or companies that have protected systems.
- The Information Technology rules, 2011: This implies reasonable security practices to be implemented that require intermediaries to set up some procedures and rules to secure their resources and information.
MEASURES TO PROTECT YOUR COMPANY FROM CYBER ATTACKS
By conducting a regular assessment of the vulnerabilities and issues detected in their systems, by including ethical and focused hacking, companies can ensure secure practices. Organizations can also reach out to CERT-In and seek help on incident recovery by sharing the damage and thereby, restoring their systems to operation. Maintaining proper records and storing them in secure locations is necessary to adhere to the security standards. It is important for organizations to have proper auditing policies as well, they help to effectively collect all information logs relating to events occurring in the networks and systems. CERT-In is the national agency that is responsible for cybersecurity. CERT- Computer Emergency Response Team holds the authority to ask for information and give directions to service providers, corporates, data centers, etc., it functions under the IT act and CERT rules.
WORLDWIDE CYBERSECURITY LAWS: REGULATIONS & DIRECTIVES
India is a developing country and in terms of the Cybersecurity and IT sector, it still has a long way to go. In developed countries like the United States, common people have acquired a lot of knowledge and awareness about cybersecurity and IT laws as compared to those in India. On the other hand, India is also taking huge steps to make the country efficient to provide better services and protection in the cyber sector. In 2013, the government of India introduced a National Cyber Security Policy with the motive of protecting information infrastructure, reducing vulnerability, boosting capabilities, and safeguarding it from cyber-attacks. India is now on its way to make the IT laws more efficient that currently needs some amendments which can be possibly seen in the near future; along with this India also requires a strict and dedicated law for cyber attacks and cases that need FastTrack solutions. The absence of a comprehensive data protection law that divides cybersecurity responsibilities between all relevant stakeholders is also an issue of concern.
THE GOVERNMENT AND PRIVATE SECTORS COOPERATE TO DEVELOP CYBERSECURITY STANDARDS
The government of India takes suggestions from the private sector and issues consultation papers with regard to the formulation of cyber laws and policies. The National Cyber Security Coordinator and Data security council have also initiated an online account to make it convenient to exchange and collaborate for various matters focused on Cybersecurity between businesses and academia (education and research), this online repository has been named “Tech Sagar”.
The government of India has been taking several measures to facilitate a safe environment digitally, people need to be more aware of cyber laws that safeguard them against unlawful activities occurring in the virtual world. With the coronavirus pandemic, there has been a rise in cyber attacks since everything now is virtual and facilitated in the digital space, we all need to be more aware and responsible in this rapidly growing tech world.
Read about Indian & Worldwide CyberLaws