Indian cyberspace was born in 1975 with the establishment of National Informatics Centre (NIC) with an aim to provide government with IT solutions.
Three networks (NWs) were set up between 1986 and
1988 to connect various agencies of govt.
i. INDONET
which connected the IBM mainframe installations that made up India’s computer
infrastructure,
ii. NICNET (the NIC NW) a nationwide very small
aperture terminal (VSAT) network for public sector organisations as well as to
connect the central government with the state government and district administrations,
and
iii. ERNET (the Education and Research Network), to
serve the academic and research communities.
New Internet Policy of 1998 paved the way for
services from multiple Internet service providers (ISPs) and gave boost to the
Internet user base grow from 1.4 million in 1999 to over 150 million by Dec
2012.
Even though the Indian government took a while to convert
to computerisation, there has been an increasing thrust on e-governance. The
govts e-governance plan is seen as a cost-effective way of taking public
services to the masses across the country. Critical sectors such as Finance,
Energy, Space, Telecommunications, Defence, Transport, Land Records, Public
Essential Services and Utilities, Law Enforcement and Security all increasingly
depend on NWs to relay data for both communication purpose and commercial
transactions.
The National e-governance Program (NeGP) is one of
the most ambitious in the world and seeks to provide more than 1200 govt
services online.
Indian govt has taken many initiatives to protect
the critical infrastructure driven by IT within Indian cyberspace domain. Some
of the initiatives are as follows:-
(a) Legal Framework to include enactment of IT Act
(Amendment) 2008.
(b) Policy Initiatives.
(c) Cyber Security Initiatives.
Information Technology Act (IT Act) was enacted in
year 2000 to provide legal recognition for transactions carried out by means of
electronic data interchange and other means of electronic communication. To
establish a robust cyber security and data protection regime in the country,
the IT Act was amended in year 2008. It provides a comprehensive definition of
the computer system & tries to ascertain liability based on the type of
cyber crime committed ( Hacking, spamming, tampering, identity theft,
impersonation, cyber terrorism, pornography, child pornography). The act
introduces the concept of ‘sensitive personal information’ and fixes liability
of the ‘body corporate’ to protect the same through implementation of
‘reasonable security practices’.
The rules issued under the Act, also require corporates
to follow privacy principles such as notice, choice & consent, access &
correction, disclosure to third party, etc.
The amended Act provides provision for legal action
against a person for the breach of confidentiality and privacy, under lawful
contract. Critical systems can be declared as ‘protected systems’ under the
Act. Security breaches of such systems attract higher prison sentences.
The amended Act also enables setting up of a nodal
agency for critical infrastructure protection and strengthens the role of
CERT-In (Indian Computer Emergency Response Team). This Act creates provision
for the central government to define encryption policy for strengthening
security of electronic communications.
Presently, encryption of upto 40 bits is allowed
under the telecom policy.
Cyber Appellate Tribunal, which is now operational,
is expected to expedite legal proceeding of cyber crime cases. Overall, the IT
(Amendment) Act, 2008 is an omnibus and comprehensive legislation which
includes provisions for digital signatures, e-governance, e-commerce, data
protection, cyber offences, critical information infrastructure, interception
& monitoring, blocking of websites and cyber terrorism.
No comments:
Post a Comment