Cyber insecurity is the new normal
It is incumbent upon the government to respect its citizens' right to privacy but the limits of this obligation will be hazy. Preeti Singh writes.Updated: Jul 05, 2013 21:36 IST
A couple of months ago, I was in South Block for a meeting at the ministry of defence. Security norms dictate leaving mobile and electronic devices at the checkpoint. Imagine my horror when I came back an hour later to see one of the guards going through my iPad. This cavalier attitude towards individual privacy is illustrative of an interesting dilemma between the inevitability of a more intrusive State and its obligation to protect the privacy of its citizens.
India has unveiled a new National Cyber Security Policy to deal with growing cyber threats. It will be interesting to see the efficacy with which these intentions are translated into preparing the country for a new global normal. In this inextricably connected world, technology - like humans - has its limits and is not failsafe. It is also equally true that the tech-empowered State is the only way forward, where new technologies like cloud computing, big data analytics and increased mobility will play the defining role in delivering welfare to the marginalised millions. All of them have one thing in common: they rely on the interaction among large public datasets that include everything from your bank information to biometrics.
This means that cyber threats don't just threaten our privacy or a State's; they threaten to disable the very architecture that seeks to deliver welfare. Also, the battle is no longer limited to a bunch of ingenious hackers against unsuspecting individuals, but is heading into a full-blown war with sustained and targeted attacks against nation states, where the right to privacy is collateral damage.
WikiLeaks, Edward Snowden and PRISM may have captured our imagination of late, but issues of surveillance and data privacy have been slow to take root in India. The country's efforts to build the world's largest biometric database under the Unique Identification (UID) project - and the fear mongering that has followed such intrusive data collection - makes it all the more crucial that the less-talked-about components in the new policy, like the creation of security awareness and stronger legal frameworks, are put in place at the earliest. India urgently needs a well-thought-out cyber security law to protect against the misuse of individual freedoms.
We also need to be prepared for that inevitable breach, where the role of regulatory mechanisms and legal checks and balances will become crucial. One of India's biggest problems is the lack of a stringently-imposed legal deterrence, which invites opportunists to break the law with impunity. This becomes all the more important while protecting the nation's critical data and information systems, as well as preserving the trust of over a billion citizens willing to surrender personal information at every turn.
But the government has signalled its willingness to at least open the doors to greater collaboration and proven wisdom, in securing these limits, and the constant allusion to public-private partnerships in the new policy is refreshing, as is the preference for open standards. A corollary to this is that though the policy displays a preference for indigenisation, it does not harp on it.
Unfortunately, the price we must pay for having the world at our fingertips is knowing that someone from that world will always be tempted to sneak a peek. Being part of the global commons makes cyberspace a particularly challenging environment to draw boundaries in, and some might criticise the government for not adequately addressing these concerns. Well, here's one thing we should be clear about: other countries have absolutely no obligation to respect Indian citizens' right to privacy, especially when it comes to 'national security' concerns. But the Indian government does. Let's also bear in mind that the limits of this obligation will always be hazy, whether we like it or not.
In the end, no policy can guard us against the abuse of discretion. That is the new normal. Next time, I'll remember to password-lock my iPad.
Preeti Singh is editor, iGovernment.in at 9.9 Media
The views expressed by the author are personal