Currently, the Information Act, 2000 is the primary law for dealing with cybercrime and digital commerce in the country.
The Act was first formulated in 2000, and then was revised in 2008 and came into force a year late. The Information Technology (Amendment) Bill, 2008 amended a number of sections that were related to digital data, electronic devices and cybercrimes.
In the Information Technology Amendment Act, 2008, cybersecurity is exercised under sections 43 (data protection), 66 (hacking), 66A (measures against sending offensive messages), 66B punishment for illegally possessing stolen computer resources or communication devices), 67(protection against unauthorised access to data), 69 (cyberterrorism), 70 (securing access or attempting to secure access to a protected system) and 72 (privacy and confidentiality) among others.
Although currently, there is neither a Joint Working Group on Cyber Security nor is the Ministry planning to set up an autonomous body to deal with cybersecurity issues, the Government is becoming stricter with its cybercrime policies.
The Government approved a framework to enhance security in Indian cyberspace for cybersecurity with the National Security Council Secretariat functioning as the nodal agency.
The National Cyber Security Policy, 2013 was developed to build a secure and resilient cyberspace for India’s citizens and businesses. The Ministry of Electronics and Information Technology said that the policy aims to protect information and the information infrastructure in cyberspace, build capabilities to prevent and respond to cyber threats, reduce vulnerabilities and minimise damage from cyber incidents through a combination of institutional structures, people, processes, technology and cooperation.
The National Technical Research Organisation is the main agency designed to protect national critical infrastructure and to handle all the cybersecurity incidents in critical sectors of the country.
Additionally, the Indian Computer Emergency Response Team (CERT-In) is responsible for incident responses including analysis, forecasts and alerts on cybersecurity issues and breaches.
Advisories have been issued by the Ministry of Home Affairs (MHA) to states and Union Territories in the country on the steps to take to prevent cybercrimes, which are available on the Ministry’s website.
The Ministry of Home Affairs is implementing the ‘Cyber-Crime Prevention against Women & Children’ Scheme with the intent to prevent and reduce cybercrimes against women and children.
This scheme will implement stricter laws and policies and conduct programmes to spread awareness about the cyber threats and how to deal with them.
The release said that the Ministry of Home Affairs has constituted an Inter-Ministerial Committee on Phone Fraud and has issued advisories to states and Union Territories on the ways to check and handle phone frauds.
India is at number 23 of the UN Global Cybersecurity Index (GCI) 2017. According to Mr Gulshan Rai, the National Cyber Security Coordinator, it is not a desirable number but is much better than many of the countries on the list. He said that India’s target this year is to make it among the top 10.