Reading time : 12 minutes
Hackers attack the sufferers at an individual as well as at the collective level, cybersecurity not only ensures the fortification of one’s personal information indeed assures safeguarding and preserving a nation’s security and sovereignty.
The IT revolution in India has permitted the fluctuating of enormous data in the cyber world and hence making her vulnerable. To that respect recently the Facebook, WhatsApp, Twitter controversies came upon. Besides these, even a few countries are involved in the process of cyber-attacks against India and that is primarily Pakistan and China. These two nations are the only ones that pose the major hazard in the cyber world against India
The phrase privacy has been determined via a Latin title privatus which alludes to “limited or restricted to the utilization of oneself”. Privacy is an important topic and hence is used more frequently but interestingly no law has explicitly defined what is privacy. In common parlance, it can be well-defined as a “right to bodily integrity”
According to Merriam-Webster “Privacy” means freedom from an unsanctioned invasion. The definition is still not clear because the concept of privacy is content-specific and hence it depends or varies from case to case.
Many scholars around the globe have attempted to provide a precise, clear and overarching definition of privacy, woefully, all the definition provided included 4 common phrases above which nothing else was inserted and those terms are as follow;
In my opinion, privacy can also be defined as a state of mind where the other person does not have access either in person or to information. Thus, privacy is a fluctuating phrase that depends upon case to case. So, providing a single and specific definition of privacy would not be a justice to the same.
The concept of national security is pivotal to every nation which refers to the situation where the government ensures that the states and their citizens are protected and safe and assure these via political, economic, diplomatic and military mightiness.
Above all these, the states have a wider obligation concerning the protection of the fundamental rights of citizens, guaranteeing appropriate working of the democracy and establishing an atmosphere of amity and synchronization.
“National security is all about the free will of the government to take apposite decisions and guaranteeing country’s sovereignty and territorial integrity.
According to Collins dictionary, national security is defined as the ability of the government to protect itself from the threat of violence and so on.
In the year 2018, a landmark judgment was pronounced by the Hon’ble Supreme Court of India in the case of Retd. J. K.S Puttaswamy v. Union of India & Ors., 2018. In this case, the court observed that privacy is a fundamental right and is protected within the ambit of Article 21 of the Indian Constitution.
In the said case, the hon’ble court additional laid down 3 key tests to detect whether privacy is violated or not.
- Existence of law: when there is a presence of legislation for the collection of data.
- Legitimate state interest: the state has enacted a law to maintain peace and security.
- Test of proportionality: the purpose of collecting data is to achieve the state’s goal.
The court further directed the government to have an effective data protection law in India.
Cyber warfare is an illegal or felonious procedure or method utilized by one nation against another nation to manipulate the information network of the country, this exploitation is executed with the help of computer virus, hacking and so on. There are various ways in which cyber warfare is done;
- Purloin of confidential data,
- Immobilizing and hampering the financial data,
- Unsettling vital facilities,
- Unsettling authorized websites and systems etc.
Chiefly, there are two classifications of cyber warfare namely;
In sabotage, the offender country outbreaks another country’s vital infrastructures like power plants, hydro plants, grid system, nuclear establishment etc. In this process, the entire networking arrangement of the setup are hijacked and are jammed from regular functioning. This is a most important matter that can lead the country into crisis because it abruptly interrupts the regular day to day events not only of the country as well as of the citizens.
Recently, the issue of sabotage was experienced throughout the world;
- GhostNet; recently GhostNet gain huge attention as it is a malicious software program that utilizes Remote Access Tool (RAT) which steals crucial data along with this it even controls the system being hacked. The RAT system allows the hacker to have control over the targeted system whenever he/ she gets online.
It is believed that this system was found in the year 2009 in China, but China vehemently refuses such allegation.
- Stuxnet; was another virus that gains attention in the year 2010. It is believed that the said virus was developed by the USA and Israel together to monitor the development in targeted nations concerning industrial operation, power plants and so on. The USA’s purpose was just to monitor and sabotage Iran’s nuclear program.
Espionage is another cyber warfare tool where spying over the nation’s organizations is considered which illegally extract the information of other targeted nation.
For instance: the USA trying to get secret and confidential information concerning India through Pakistan by way of computers, laptops, most importantly internet.
Reiterating the fact that India faces mainly two nations concerning the cyberattack that are Pakistan and China. Indian government websites being hacked by the Pakistanis has been surging up since 2000. And China is also not behind, as it is believed that China has trained nearly 30, 000 hackers to raged the cyberwar whenever possible. Thus, making India a hotspot of vulnerability and is the need of the hour to tackle the same.
- Team_H4tr!ck, Pakistan G force, Pakistan Hacker’s club are a few notorious Pakistani hacker groups who are still indulged in attacking India.
- In 2010, CBI and the National Informatics Centres official websites were attacked and it was believed to be executed by the Pakistan Cyber army.
- In the same year, China attacked the encrypted NSA, Airforce and Navy’s networks.
- In 2012, the Pakistan hackers spread rumours on social media which outraged the post-Assam violence.
- Even it is believed that northeastern states encountered a complete black-out because Chinese hackers got the control over entire grid line system established in northeastern India.
- Red Echo a Chinese malware that targets India’s power sector.
- Stone Panda a Chinese hacker group had identified gaps in the IT structure and supply chain software of Bharat Biotech and the Serum Institute of India.
Concerned with all these issues the Indian government enacted a few laws and policies in that regards like Information Technology 2000 and National Cyber Security Policy 2013 and 2020 along with these few committees have been established like Hmachandra Committee 2017 and the Srikrishna Committee.
The Indian government to determine the issue of privacy established a committee under the chairmanship of Retd. supreme court judge B.N Srikrishna in August 2018. The highlights of the committee were as follow;
- The committee observed that the existing Right to Information, Aadhaar and Information Technology Acts shall be amended in the wake of data protection and an explicit data protection law shall be enacted.
- The committee further recommends that any sharing, disseminating, disclosure, collection of personal data shall be governed by Indian laws if the data occurs in India.
- The data protection law if so enacted shall allow the central government of India to dismiss those companies which are not present in India and are processing the personal data of foreign nationals thus, more power is ensured in favour of the central government.
- The law if so established shall set up a DPA an autonomous body that shall be working on ensuring the effectiveness of the data protection law in India.
- Penalties shall be imposed in case anyone is found to have violated the provisions of data protection law.
- On the premises of emergency, maintaining law and order, ensuring tranquillity and so on the state may process data of the users without their consent.
- Any personal data which is processed by a public or private institution shall be covered within the purview of data protection law.
- All the personal data namely; password, health data, sex data, biometric or genetic data etc shall be covered under the head sensitive personal data.
- If any personal data is transferred cross border it shall be executed via a contract model which specifies the obligation of the transferee against the transferor. The transferee shall be held liable in case of harm caused to the transferor in response to such sharing of personal data to some else or any opposition country.
- Personal data titled as critical shall only be administered in India and this critical data shall not be transferred to the bordering nation.
PUBG, TikTok, AliExpress and a plethora of other Chinese apps (267 apps) were banned in India and were removed amid the India-China conflict in the Galwan valley in Ladakh. And the Ministry of Electronics and Information Technology gave an official ruling in respect to such a ban “that these apps were harmful to the sovereignty and integrity of India, defence of India, security and public order” and hence directed the government to block the access of these apps to the public including the blocking of public information generated, transmitted, received, stored in any database. The ministry banned these Chinese apps following section 69A of the IT Act, 2000.
Supporting such a ban the information and technology ministry has observed that they had received a plethora of complaints concerning misuse of data by few mobile apps. It was said that these mobile apps were indulged in the practice of stealing, collecting, disseminating and transmitting user’s data to a location that is outside the territory of India in an unsanctioned manner thus, it was a matter of deep concern and hence requires an emergency redressal.
- Quora; in the year 2018, Quora compromised a massive breach of its users’ data. According to a report it was said that nearly 100 million Quora accounts were intruded and through that invasion, the hacker must have an access to the following;
- Account and user information,
- Personal as well as public content,
- Data imported linked with the devices of the users and many more.
- Facebook; similarly, in 2018 nearly 50 million Facebook accounts were hacked and the hacker could have easily got access to the accounts personal information without knowing the user as well as Facebook. This was not the 1st time that Facebook accounts were hacked indeed in 2020 there was immense leaking of users’ data. Again in 2021, nearly 553 million Facebook accounts were hacked.
India is a very huge market. Despite getting banned from India the Chinese apps TikTok and PUBG are attempting, again and again, to enter the market because no one wants to lose such a huge market and more specifically profit.
Privacy and national security are two major aspects of a better nation which shall be given due consideration and an equivalent bridge or balance shall be maintained between these two. It shall be ensured that whosoever is taking the data or has an access to such data must not share, collect, transmit to any other nation without any authorization, otherwise stringent penalties shall be imposed.
Further, it shall be made clear that in the name of privacy we shall not compromise national security and similarly in the name of national security, privacy shall not be compromised thus a proper balance shall be ensured which allows the protection of citizens personal data as well as ensuring the protection of state and maintaining peace and tranquillity.
Author: Nikhil Thakur, Manav Rachna University
Editor: Kanishka Vaish, Senior Editor, LexLife India.