fbpx

Data Breach: Unveiling the Cracks in Digital India

A sequence of events that started on June 12 revealed a sharp discrepancy between the promises made by Digital India and the reality on the ground. These occurrences raise major questions about the effectiveness and integrity of India’s digital transformation, from a data breach on the CoWIN platform to the lack of a thorough National Cyber Security Strategy and insufficient legal protection for people’ data.

Government Refusals and the CoWIN Data Breach

Data Breach: The Malayala Manorama and online publication “The Fourth” both stated on June 12 that there had been a data breach on the CoWIN platform. On the messaging app Telegram, personal information was discovered to be in circulation, including immunisation records and identity numbers.

Government Denials: Despite the mounting evidence of the data breach, the Ministry of Health and Family Welfare and Minister of State, Ministry of Electronics and IT (MEITY), responded with denials. The Ministry of Health and Family Welfare labeled the reports as “mischievous,” while the Minister of State, MEITY, claimed that the sensitive information had emerged from previously stolen data.

Press Information Bureau Statement: Later in the day, the PIB issued a statement asserting the complete safety of the Co-WIN portal and its adequate safeguards for data privacy. However, the credibility of this statement was questionable, given the initial denials and the substantial evidence of the breach.

Lack of Transparency: The government’s response to the CoWIN data breach exemplifies a recurring pattern of denial and opacity in addressing data breaches in the public sector. Previous incidents, such as the Employees’ Provident Fund Organisation breach and the ransomware attack on AIIMS, have been met with similar denials and lack of transparency.

Erosion of Trust: The consistent lack of transparency, coupled with the absence of a National Cyber Security Strategy and data protection laws requiring breach notifications to affected users, has eroded citizens’ trust in the government’s ability to secure their personal information. T

Lack of Cybersecurity Strategy and Data Protection Laws

Absence of National Cybersecurity Strategy: India lacks a comprehensive National Cybersecurity Strategy, which is crucial for effectively addressing the evolving cyber threats and ensuring the security of digital infrastructure.

Limited Legislative Framework: India does not have robust data protection laws that adequately safeguard citizens’ personal information. While the proposed Draft Digital Personal Data Protection Bill, 2022, is under consideration, there are concerns that it may exempt government entities from compliance.

Inadequate Breach Notification Requirements: The absence of data protection laws also means that there are no specific requirements for organizations to notify individuals in the event of a data breach.

Limited Accountability and Transparency: The Computer Emergency Response Team (CERT-In), responsible for investigating and responding to cyber incidents, often maintains silence and does not make its technical findings public. This lack of transparency undermines public trust and leaves citizens unaware of the actions taken to address cybersecurity incidents and protect their data.

Digital Public Infrastructure (DPI) and Lack of Legislative Mandate

Lack of Legislative Mandate: The Digital Public Infrastructure (DPI) framework, encompassing various platforms like Aadhaar, Aarogya Setu, CoWIN, Government E-Marketplace (GEM), and the Open Network for Digital Commerce (ONDC), operates without a clear legislative mandate. These platforms have been created without specific functions, roles, and responsibilities defined by an Act of Parliament.

Joint Ventures and Special Purpose Vehicles: Many of these DPI platforms are developed as joint ventures or special purpose vehicles, which allows them to circumvent accountability mechanisms such as audits by the Computer Auditor General (CAG) or transparency mandates under the Right to Information Act.

Inconsistencies in Expertise: The claim of expertise in creating DPI platforms to provide citizen services is inconsistent with the evidence. Glitches, failures, and exclusion errors have been observed in systems like Aadhaar, Aarogya Setu, and GEM, undermining the credibility of their expertise.

Data Gathering: A common aspect of DPI platforms is their tendency to collect extensive personal information from Indian citizens that goes beyond the technical requirements. This data collection can result in multiple individual and social harms, including the risk of data breaches and privacy infringements.

Constitutional Frameworks and Accountability: The absence of a constitutional framework for DPI platforms hampers the establishment of robust regulatory and institutional frameworks. This lack of accountability leaves individual harms unaddressed and undermines the creation of effective governance mechanisms.

Sedition Law in India: The Need for Repeal and Reform

The quote by the French writer Andre Gide, “Everything has been said before, but since nobody listens, we have to keep going back and beginning all over again,” perfectly captures the condition of the sedition discussion in India at the moment. The 279th statute Commission Report, which defends the sedition statute, is a metaphor for the disregard for the general population.

Historical Perspective of Sedition law

Section 124A of the IPC was introduced during the British Raj in 1870 to suppress dissent and protest against the colonial government.

The then British government in India feared that religious preachers on the Indian subcontinent would wage a war against the government.

Particularly after the successful suppression of the Wahabi/Waliullah Movement by the British, the need was felt for such law.

Throughout the Raj, this section was used to suppress activists in favor of national independence, including Tilak and Mahatma Gandhi, both of whom were found guilty and imprisoned

What is the ‘Tendency’ Jurisprudence?

The tendency jurisprudence refers to the legal concept or approach that considers the potential or inclination of an act to incite violence or disturb public order, rather than requiring evidence of actual violence or an imminent threat of violence.

In the context of sedition laws, it implies that expressions or actions that have a tendency to incite violence or promote hatred, contempt, or disaffection against the government can be penalized, regardless of whether they directly lead to public disorder.

Key points related to the ‘Tendency’ Jurisprudence

Ambiguity: The ‘tendency’ standard is often criticized for its ambiguity and lack of clarity. It allows for the inclusion of acts or expressions that may not have a direct causal connection with public disorder, making it difficult for judicial and executive bodies to interpret and apply consistently.

Loose Formulation: The ‘tendency’ standard is a loose formulation that can encompass a wide range of acts or expressions. It opens the possibility of penalizing speech or actions that may not pose an immediate threat but are perceived to have the potential to incite violence or disrupt public order in the future.

Judicial Challenges: The ‘tendency’ jurisprudence has been subject to legal challenges in various jurisdictions. Critics argue that it can be misused to suppress dissent, curtail freedom of expression, and stifle legitimate criticism of the government, as it broadens the scope of what can be considered seditious.

Pending Petitions: In the Indian context, there are currently nine petitions pending before the Supreme Court challenging the constitutionality of Section 124A (the sedition law). These petitions raise concerns about the ambiguity and potential misuse of the ‘tendency’ standard, highlighting the need for a clearer and more precise definition of sedition.

Relevance to Sedition Laws: The ‘tendency’ jurisprudence is significant in the context of sedition laws because it determines whether an act or expression falls within the purview of sedition. By assessing the inclination or potential of an act to incite violence or disrupt public order, authorities can decide whether to initiate sedition charges against individuals.

Need for Clarity: Critics argue that the ‘tendency’ standard lacks objective criteria and can be subject to interpretation and abuse. There is a demand for a more precise and narrowly defined standard that clearly distinguishes between protected speech and seditious activities to safeguard freedom of expression and prevent misuse of the law.

Concerns over the Power of the police in the enforcement of sedition laws

Investigation and Enquiry: The Law Commission’s recommendation that a police officer, holding the rank of an Inspector or higher, should conduct a “preliminary enquiry” before registering a First Information Report (FIR) in sedition cases. This suggests that the police are granted the power to determine whether an act or expression has the tendency to incite violence, even without proof of actual violence or imminent threat.

Ambiguous Standards: The proposed amendment to include the “tendency to incite violence” in sedition laws further adds ambiguity to the assessment of seditious acts. This gives police officers discretionary power to judge whether an act has an inclination towards violence, creating potential room for misuse or subjective interpretations.

Wide Net and Misuse: The are concerns that the proposed amendment and the broad discretion given to police officers could result in a wide net being cast, potentially encompassing acts that have no real connection to public disorder.

Political Influence: The police officers, especially when influenced by those with political clout at the local, state, or national level, may exercise their power selectively and target individuals or groups critical of the government. This can lead to a suppression of dissent and the abuse of police power for political purposes.

Subansiri Lower Hydroelectric Project (SLHEP)

Trial runs for the Subansiri Lower Hydroelectric Project (SLHEP): NHPC Limited, a government of India enterprise, will begin trial runs for the Project in July.

India’s largest: After a delay of 20 years, India is finally approaching the launch of India’s largest hydropower project which is crucial for the region’s energy transition.

About NHPC Ltd: NHPC Limited, formerly known as National Hydroelectric Power Corporation Ltd, is the largest hydropower development organization in India.

About Subansiri Lower Hydroelectric Project (SLHEP)

Gravity dam: It is a concrete gravity dam 116 m high from river bed level on the Subansiri River.

Location: The dam is located approximately 2.3 km upstream of the Subansiri River in Arunachal Pradesh, India.

Accessibility: The project is located near North Lakhimpur on the border of Arunachal Pradesh and Assam. The nearest railhead is Nagaon, and the nearest airport is Lilabari/Dibrugarh.

Run-of-the-river project: NHPC Limited, the project developer, describes the SLHEP as a run-of-the-river project, indicating its design aims to maintain the natural flow of the river.

Power generation capacity: Once completed, the SLHEP is expected to have a power generation capacity of 2,000 MW, making it one of the largest hydroelectric projects in India.

Construction challenges

Natural obstacles: The project has faced several challenges during its construction, including issues related to landslides, the need for redesigning certain aspects, and opposition from various stakeholders.

Delayed completion: Originally scheduled for completion in 2018, the project has experienced delays, contributing to its ongoing construction status.

Clearance from NGT: The SLHEP received clearance from the National Green Tribunal (NGT) on July 31, 2019, allowing for the resumption of main dam construction activities on October 15, 2019.

Construction progress: As of early 2019, work on the SLHEP and other major dam projects in the Assam region, such as the Dibang Dam, had faced challenges and were not progressing as expected.

Benefits offered

Cascade development and flood moderation: It is expected to moderate floods in the Subansiri River and bring overall development to the area, benefiting the local economy.

Hydropower boost: Hydropower plays a crucial role in balancing the electricity grid, especially as solar and wind power generation rise.

Strategic Location

Its strategic significance is heightened by its proximity to the India-China border.

Located in Arunachal Pradesh, which shares a border with China, the project holds geopolitical importance.

Categories
October 2024
M T W T F S S
 123456
78910111213
14151617181920
21222324252627
28293031  
Scroll to Top