Saturday, December 26, 2009

Centralised ICT Control Centre For Intelligence Agencies Of India

Intelligence agencies of India need streamlining. There are numerous intelligence agencies operating in India. However, there is no “Centralised Command” for the same. This results in an anomaly as there is no single authority to whom all of them can report and share their intelligence and other inputs. The worst part is that the acts and omissions of these intelligence agencies are not governed by any legal framework. In short, the intelligence agencies have no clear cut direction, guidance and control. Time has come to create a good and effective “Intelligence Infrastructure” in India. Perry4Law recommends that a “Centralised ICT Control System” must be established by the Home Ministry of India under the guidance of Mr. P.Chidambaram.

Internal security and national security issues of India are complicated to be tackled. This problem has further been goaded in the dearth of a suitable ICT Policy for National Security issues in India. The scornful collapse of the e-governance projects in India has put at rest the empty claims of Indian government to use ICT for national security purposes.

Even the ICT Trends of India 2009 have exposed that Indian efforts regarding reformation of legal, judicial, administrative, law enforcement, intelligence agencies functions, etc through application of ICT have faced grave failures in the year 2009. There is also little hope that the same would be revived in the year 2010. On what basis the government of India (GOI) would use ICT for national and internal security of India is still an unresolved issue.

According to Praveen Dalal, the leading Techno-Legal Expert of India and Managing Partner of Perry4Law, “Intelligence agency of a country plays an important role in its internal and external security. There must be a “Centralised ICT Control System” to govern intelligence agencies if there are more than one. If there are numerous intelligence agencies working for different government departments, there is a possibility of lack of coordination and inadequate and inappropriate information sharing. Nothing can be more beneficial than a “Centralised ICT Control Centre” for the Indian National and Internal Security.

The government of India has yet to enact suitable laws governing intelligence agencies on the one hand and set up a centralised “Control System” for them on the other. India must give up the practice of achieving goals on paper only and must be truthful and accountable to its commitments. Let us wish that GOI would come up with effectual and reliable national security actions concerning the suggestions provided by experts in this regard.


Friday, December 25, 2009

E-Governance Projects In India Have Failed

E-Governance has never been managed properly in India. There is no transparency, lack of accountability and abundance of corruption pervading and marring the E-Governance initiatives and projects of India. The almost depletion of projects like E-Bharat is a classical example of inadequate e-governance capabilities of India. Ironically, the chief instrument (e-governance) that was supposed to prevent and eliminate corruption from India has itself become an instrumentality and breeding ground for corruption in India. There is an emergent need of demanding accountability from the corrupt officials and ministers who have doomed Indian e-governance initiatives for long. Further, funding agencies and organisations like UNDP, World Bank, etc must actively seek “Management Controls” over e-governance projects they are supporting in India as leaving it in the hands of corrupt officials would be detrimental to the interest of common man of India.

Information and Communication Technology (ICT) is the core strength of business community of India. The same has, however, failed to find a place in the national policies and strategies of India and in governmental dealings. The ICT Trends of India 2009 showed the naked truth of the contrary claims of Government of India. Despite negative reports and progress in India, the Indian government is loyal to the “India Shining Syndrome” rather than concentrating upon real and effective ICT projects management in India.

According to Praveen Dalal, the leading Techno-Legal Expert of India and Managing Partner of Perry4Law “The Government and Indian Bureaucrats need to change their mindset and stress more upon outcomes and services rather than mere ICT procurement. India needs a services-based approach that is not only transparent but also backed by a more efficient and willing Government. Presently the Bureaucrats and Government of India are in a “resistance mode” towards novel and effective e-governance policies and strategies and they are merely computerising traditional official functions only. This is benefiting neither the Government nor the citizens and is resulting in wastage of thousands of crores of public money and UNDP/World Bank grants amount”.

The continued apathy, mismanagement and lack of accountability has finally shown its impact. The World Bank refused to operationalise the e-governance support project known as “E-Bharat” without its active management role in the same. The World Bank did not agree to the framework for implementation of E-Bharat as it was insisting on certain conditions to manage the project. For instance, against a hands-on project management approach being favoured by the World Bank, India was pushing for a programme mode where assistance could be linked to targets or milestones.

The expectations of World Bank are justified as there is a complete failure of e-governance projects in India barring few exceptions. In the absence of transparency and accountability, investing Crores of rupees in Indian e-governance projects is not a wise and profitable option. The World Bank must actively engage in day to day management functions of the projects it is sponsoring or funding.

In fact, the Parliamentary Standing Committee on IT, in its latest report noted that e-Bharat project was “in trouble”. Following the Government's decision not to establish a dedicated Special Purpose Vehicle (national e-governance agency), a requirement insisted on by the World Bank earlier, the Bank had advocated a newer look to be adopted inter-alia suggesting termination of the preparation of the E-Bharat Project. With the management controls in its hand, the World Bank may continue this much needed e-governance project of India. It would be good for Indian common man if other fund providing agencies like UNDP also take similar steps so that e-governance projects are not eaten up by corruption of Indian officials.


Thursday, December 24, 2009

National Security and Internal Security Infrastructure Of India

National security of India has recently received a rejuvenation attempt by the Government of India (GOI). This is good news at a time where the national security issues are grossly ignored in India. The national security of India and internal security of India are suffering not only on the count of lack of political will but also due to absence of suitable policies and strategies.

The ICT Trends of India 2009 have also proved that India has failed on the fronts of Cyber law of India, Cyber Terrorism in India, E-Courts in India, E-Learning in India, Unique Identification Project of India, Serious Frauds and White Collar Crimes, National Security Issues, Crime Reporting by Media, Internet Banking Frauds, Cyber Security of Defense Forces, Cyber War in India, E-Surveillance in India, etc.

According to Praveen Dalal, Managing Partner of Perry4Law and the leading Techno-Legal Expert of India, “Indian approach in this regard is not sensible at all. We should not invest thousands of crores of Indian rupees into security projects that can be manipulated and sabotaged in minutes. Rather we should first analyse the weaknesses and security holes of the same before buying and installing it.

After all security of a Nation is proper application of “common sense” rather than wasting unlimited amount of money. Crime and Criminal Tracking Network & Systems (CCTNS) of India, Unique Identification Authority of India (UIAI), Rs 800 crores centralised facility to control phone tapping activities in India, etc are some of the projects that require common sense application before their implementation. They have to be tested in a “limited environment” before using them in a full fledged manner, says Praveen Dalal.

It seems Indian security initiatives have to be holistically analysed and suitably applied. The Indian security infrastructure and workforces are not in good shape and require rejuvenation. We need a techno-legal security workforce and not personnel who do not have even the basic facilities and technological means and knowledge. The terrorist attacks have really shattered the deep pervasive false sense of security present in the Indian government mentality. We have to think and act against such internal and external threats by going beyond a "political debate". We can fool ourselves by bragging about India’s capabilities and victories against terrorism and cyber terrorism and keep on facing future attacks and bear the traumatic casualties. Alternatively, we must accept our weaknesses against such attacks and take constructive steps to anticipate, prevent and counter such future terrorist and cyber terrorism activities, warns Praveen Dalal.

With a new ray of hope shown by the recent stress upon national security of India we can expect some good results in this direction. However, India is famous for mere assurances and proposals without actually implementing them. Similarly, due to faulty management and policies even the implemented projects have failed in the past. Let us hope that this time India would do the proper homework before starting an initiative that it cannot implement and run.


ICT Trends And Analysis In India 2009 By Perry4Law

Information and Communication Technology (ICT) is one of the core strengths of India. However, many aspects of ICT are still not within the competence of India. India is performing poorly in many areas of ICT and there is an urgent need of establishing transparency and accountability within the governmental departments so that India can perform better. India must also pay attention towards protection of "Human Rights in Cyberspace". Perry4Law and PTLBTM/SM have been providing ICT Trends In India, Cyber Law Trends in India, Cyber Security Trends in India, Cyber Forensics Trends in India, etc for long. This is the current ICT Trends of India 2009 by Perry4Law.

The present trends report is covering topics like Cyber law of India, Cyber Terrorism, E-Courts in India, E-Learning in India, Unique Identification Project of India, Serious Frauds and White Collar Crimes, National Security Issues, Crime Reporting by Media, Internet Banking Frauds, Cyber Security of Defense Forces, Cyber War in India, E-Surveillance in India, etc.

The report has clearly established that India once again failed to cater the growing contemporary demands of ICT and their legal, judicial and public service providing applications. The predominant reason for the same seems to be lack of political will to achieve the needful. Though India makes lot of declarations yet hardly one or two is actually implemented. India is more interested in accomplishments that can be found on papers only rather than real, effective and grassroot level achievements.

The report concludes that “Indian efforts for streamlining use of ICT have further degraded from 2008. The year 2009 saw some major ICT pitfalls and bad decisions were made by the GOI. Overall the year 2009 can be said to be “Blunder ICT Year” of India despite all contrary governmental claims.


Wednesday, December 23, 2009



The Union Home Minister, Shri P.Chidambaram has suggested some dynamic and progressive measures that would go a long way in strengthening the National Security of India. Presently, they are at the “Proposal Stage” but these suggestions have lot of potential for the overall and holistic security of India. It would be a good strategy if there are time bound obligations that are implemented and monitored in a fair, transparent and accountable manner. Similarly, there is also an emergent need to look at the “Techno-Legal Aspects” of the National and Internal Security of India. The present ICT Trends of India 2009 have not showed a positive development in this regard and we hope the Home Minister would not fail India this time. Perry4Law and PTLB would be providing their insights and suggestions in this regard from time to time. The Government of India must also keep in mind the Human Rights aspect of the netizens in Cyberspace while implementing various security related and crime fighting initiatives.

The Union Home Minister, Shri P.Chidambaram has proposed radical restructuring of the security architecture at the national level. As part of the plan India must be able to set up the National Counter Terrorism Centre (NCTC) by the end of 2010. Once set up, NCTC must have the broad mandate to deal with all kinds of terrorist violence, directed against the country and its people.

Realising the gross deficiency in connectivity, the Central Government is implementing an ambitious scheme called “Crime and Criminal Tracking Network System (CCTNS).” The goals of the system are to facilitate collection, storage, retrieval, analysis, transfer and sharing of data and information at the police station and between the police station and the State Headquarters and the Central Police Organisations.

Another major idea is the proposal to set up the National Counter Terrorism Centre (NCTC). As the name suggests, the goal is to counter terrorism. Obviously, this will include preventing a terrorist attack, containing a terrorist attack should one take place, and responding to a terrorist attack by inflicting pain upon the perpetrators. Such an organisation does not exist today. It has to be created from scratch. India must decide now to go forward and India must succeed in setting up the NCTC by the end of 2010.

Once NCTC is set up, it must have the broad mandate to deal with all kinds of terrorist violence directed against the country and the people. NCTC would therefore have to perform functions relating to intelligence, investigation and operations. All intelligence agencies would therefore have to be represented in the NCTC. As far as investigation is concerned, Government has set up the National Investigation Agency, and that agency would have to be brought under the overall control of NCTC. The last function – operations – would of course be the most sensitive and difficult part to create and bring under the NCTC. But without ‘operations’, NCTC and the security architecture that is needed will be incomplete. It is the proposed ‘operations’ wing of the NCTC that will give an edge – now absent – to our plans to counter terrorism.

The establishment of the NCTC will indeed result in transferring some oversight responsibilities over existing agencies or bodies to the NCTC. This should not result in turf wars. Some agencies would naturally have to be brought under NCTC and what come to my mind readily are NIA, NTRO, JIC, NCRB and the NSG. The positioning of R&AW, ARC and CBI would have to be re-examined and a way would have to be found to place them under the oversight of NCTC to the extent that they deal with terrorism. The intelligence agencies of the Ministry of Defence and the Ministry of Finance would, of course, continue to remain under the respective Ministry, but their representatives would have to be deputed mandatorily to the NCTC. NATGRID would obviously come under NCTC. So also, CCTNS would have to be supervised by the NCTC.

Given the overarching responsibility of NCTC and its mandate, it will be obvious that it must be headed by a highly qualified professional with vast experience in security related matters. Considering the structure of our services, it is natural to expect that the head of one of our organisations will be appointed to the post, by whatever name it may be called. He/she could be a police officer or a military officer. He/she must be one who has impeccable professional credentials and the capacity to oversee intelligence, investigation and operations. He/she will be the single person accountable to the country on all matters relating to internal security. At the Government level, and in order to be accountable to Parliament, it would be logical and natural to place the NCTC under the Ministry of Home Affairs.

That leaves the question of the structure of the Ministry of Home Affairs itself. MHA now handles a wide portfolio of subjects ranging from ‘freedom fighters’ to ‘forensic science’. Is this a functional arrangement to deal with the grave challenges to internal security that we face and that we will face from many more years? I am afraid not. It is true that the words ‘Ministry of Home Affairs’ have an authoritative ring, but the MHA now performs a number of functions that have no direct relation to internal security. For example, it has a division dealing with freedom fighters but it does not have even a desk for dealing exclusively with forensic science. There are other divisions or desks that deal with Centre-State Relations, State Legislation, Human Rights, Union Territories, Disaster Management, Census etc. These are undoubtedly important functions and deserve close attention. However, internal security is an equally, if not more, important function that deserves the highest attention. In my view, given the imperatives and the challenges of the times, a division of the current functions of the Ministry of Home Affairs is unavoidable. Subjects not directly related to internal security should be dealt with by a separate Ministry or should be brought under a separate Department in the MHA and dealt with by a Minister, more or less independently, without referring every issue to the Home Minister. The Home Minister should devote the whole of his/her time and energy to matters relating to security.

It is after one year in office that I have ventured to outline the new architecture for India’s security. There are two enemies of change. The first is ‘routine’. Routine is the enemy of innovation. Because we are immersed in routine tasks, we neglect the need for change and innovation. The second enemy is ‘complacency’. In a few days from today, 2009 will come to a close, and I sincerely hope that we may be able to claim that the year was free from terror attacks. However, there is the danger of a terror-free year inducing complacency, signs of which can be seen everywhere. A strange passivity seems to have descended upon the people: they are content to leave matters relating to security to a few people in the Government and not ask questions or make demands. I wish to raise my voice of caution and appeal to all of you assembled here, and to the people at large, that there is no time to be lost in making a thorough and radical departure from the present structure. If, as a nation, we must defend ourselves in the present day and prepare for the future, it is imperative that we put in place a new architecture for India’s security.

Monday, December 21, 2009


Perry4Law and PTLB have been providing ICT Trends In India, Cyber Law Trends in India, Cyber Security Trends in India, Cyber Forensics Trends in India, etc for long. ICT Trends in India-2006, ICT Trends in India-2007, ICT Trends in India-2008, Cyber Security Trends-2007, Cyber Forensics Trends in India-2008, etc provided by Perry4Law have proved that India has not paid enough attention to the legal framework for the information society and legal enablement of ICT systems in India. The trends also show that we have a weak cyber and ICT security in India and lack of cyber forensics capabilities in India. This precarious situation has lead to an insufficient critical ICT infrastructure protection in India. This is the latest ICT Trends In India by Perry4Law.

India once again failed to cater the growing contemporary demands of Information and Communication Technology (ICT) and their legal and judicial applications. The predominant reason for the same seems to be lack of political will to achieve the needful.

The ICT Trends in India 2009 are as follow:

(1) Cyber Law Of India: The cyber law of India received a fatal blow in the form of Information Technology Act 2008 (IT Act 2008). The IT Act 2008 amended the original Information Technology Act 2000 (IT Act 2000) and made almost all the cyber crimes “Bailable”. This has made India a safe heaven for cyber criminals and cyber crimes are increasing in India at a speed that India cannot not control.

(2) Cyber Terrorism: The IT Act 2008 has enacted a single provision for meeting the menace of cyber terrorism in India. Although this is a good step in the right direction yet the government of India (GOI) needs to enact a separate and comprehensive legislation in this regard as a single provision would not prove sufficient in the long run.

(3) E-Courts In India: The judicial reforms have finally received the attention of the GOI. However, the quality of judicial services in India cannot be improved till we have E-Courts in India. Till the end of December 2009 India does not have even a single E-Court despite contrary media reports and rumours. Further, there is also an emergent need of e-courts training of judges and lawyers in India.

(4) Online Education And E-Learning In India: Online education in India received two fatal blows this year. Firstly there was a failure of the online examination conducted by IGNOU and then India witnessed the collapse of Common Admission Test (CAT) exams. This shows that India is still not ready for online education and e-learning in India. Even the legal framework for the same is also not conducive and is counter productive.

(5) Unique Identification Project Of India: India adopted Unique Identification Project and constituted Unique Identification Authority of India (UIAI) this year. However, the same is not legitimate in the absence of proper legal framework in this regard that is presently missing. The project also fails to meet the requirements of "Human Rights Protection in Cyberspace".

(6) Serious Frauds And White Collar Crimes: Serious Frauds and White Collar Crimes are increasing in India at a rapid speed. Now the criminals are using ICT to further their acts for committing these crimes. In the absence of stringent laws in this regard, India is becoming a favourite destination for these crimes.

(7) National Security Issues: International Mobile Equipment Identity (IMEI) numbers assumed great significance this year and the GOI banned Chinese mobiles having no IMEI numbers. Even arrests were made to enforce this ban. How mere absence of IMEI numbers alone would prevent enforcement of national security is still unclear.

(8) Crime Reporting By Media: The Delhi High Court has constituted a committee to formulate guidelines for crime reporting by the media. The GOI also constituted a task force for the Broadcasting Authority of India. The choice between self regulation or government enacted laws is still not clear. There is an emergent need of broadcasting laws and regulations in India.

(9) Internet Banking Frauds: Internet Banking frauds are increasing in India at an alarming rate. With a weak cyber law, lack of cyber security awareness and increasing e-surveillance initiatives in India, Internet banking disputes are bound to increase in India. The government is least bothered about these issues and ultimately the account holders would have to bear the financial losses.

(10) Cyber Security Of Defense Forces: The defense forces of India also need cyber security and cyber forensics capabilities. The digital life is an altogether different segment where traditional methods are ineffective. The cyber war and cyber terrorism threats are not only real but also very dangerous. India must upgrade its cyber security and national security capabilities as soon as possible. Repeated cyber security breaches have been reported in India from time to time but the attitude of Indian government has not yet changed.

(11) Cyber War And India: Cyber War and Cyber Terrorism are matters of grave concern to all countries. Equally important are the issue pertaining to cyber security of defense forces in India. These issues are important as they strike at the very root of the critical ICT infrastructure protection in India. While countries like US and Russia are negotiating to limit the impact of cyber wars, India is not doing the needful in this regard.

(12) E-Surveillance In India: With the passage of IT Act 2008 India has now officially become an endemic e-surveillance society. The amendments have provided unregulated, unconstitutional and arbitrary e-surveillance powers to GOI and its agencies and instrumentalities. The fact is that India has become an E-Police State without any regard to "Human Right Protection in Cyberspace". Confidential information is already vulnerable and with the proposed Indian plans of installing key loggers at cyber cafes, the same would exclude the use of cyber cafes for these purposes. Although cyber caf├ęs are not a good place to transact confidential matters yet with a poor Internet penetration in India this may still happen.

(13) Indian E-Governance Failures: There are many factors that ail e-governance of India and make it highly unsuccessful in the Indian context. The net result is that National E-Governance Projects like E-Bharat have died due to absence of proper management, transparency and accountability. Now with the World Bank taking the management of the E-Bharat in its own hands we may expect the revival of the same.

Briefly speaking, Indian efforts for streamlining use of ICT have further degraded from 2008. The year 2009 saw some major ICT pitfalls and bad decisions were made by the GOI. Overall the year 2009 can be said to be “Blunder ICT Year” of India that was really bad for "Human Rights" of Indian netizens.

© All Rights Reserved. No part of this publication must be used, printed, published, republished, etc without prior written affirmative permission from Perry4Law, PTLB and Praveen Dalal.

Sunday, December 13, 2009


Industrial Lobbying and Multi National Companies Pressures have played a decisive, sometimes arm twisting, role in shaping the Polices and Decisions of the Government of India (GOI). The latest among them is the banning of “Chinese Mobiles” that does not bear International Mobile Equipment Identity (IMEI) numbers. The GOI used the card of “National Security” once again without any “Legal Framework” or/and “Justification” for doing the same. The net result is a “rise in sales and profits” of the branded mobile set providers. No person can question the national security initiatives of India provided they are genuine, reasonable and not violative of the Fundamental Rights, Human Rights and other Consumer Rights of the citizens of India. The bigger question is whether the GOI is acting in national interest or vested interest or sheer ignorance?

In a wonderful editorial opinion titled “Pirates versus Extortionists” the author has raised some of the most pertinent questions. It sought an explanation as to how exactly national security would be compromised by the banned Chinese mobile phones.

One may ask does this assertion of banning of these mobiles in India has any significant national security importance? No doubt, having knowledge about the IMEI number has many advantages for law enforcement and telecom service providers. The IMEI number is used by the GSM network to identify valid devices and therefore can be used to stop a stolen phone from accessing the network. If a mobile phone is stolen, the owner can call his or her network provider and instruct them to "ban" the phone using its IMEI number. This renders the phone useless, whether or not the phone's SIM is changed.

However, the bigger question is whether absence of an IMEI number per se is as offensive as to attract the “national security clause” and to brand a holder of such mobile a “terrorist”? The answer is in negative as we need to have additional information besides IMEI for national security purposes. The IMEI is only used to identify the device, and has no permanent or semi-permanent relation to the subscriber. However, many network and security features are enabled by knowing the current device being used by a subscriber.

It is clear that IMEI per se is not conclusive and sufficient to locate a holder of the mobile set. We need other important information as well. The information provided by the SIM cards to the nearest cell tower is more accurate and conclusive than IMEI numbers. The Chinese mobiles without IMEI must also communicate with the service provider’s cell towers in order to communicate and they cannot be a national security threat unless the holder manipulates IMEI, SIM and other crucial technical details and methods of a mobile set. In the absence of an “Explanation” by the GOI, the present action seems to be more guided by vested interests and industrial lobbying than national security concerns. It is also violating the Human Rights, Fundamental Rights and Consumer Rights of Indian citizens without just and reasonable cause.