From UPSC perspective, the following things are important :
Prelims level : Data localisation
Mains level : Cyber crime - data issues
In recent times, there have been many instances of the hard-earned money of Indians being taken out of bank accounts and charges loaded onto credit cards through online frauds.
How does it affect India
- We are making a huge transition to a cashless economy. So, public faith in the digital system needs to be consistently reinforced.
- Cybercrimes affect the emerging “startup” ecosystem. Customers of genuine startups and Indian businesses have been subjected to online fraud.
- The skepticism on online transactions also hurts the potential of emerging companies that could take India to the $5 trillion economies that the country aspires to.
- The Srikrishna Commission recommended that data be stored in the country either directly or through mirror servers to serve law enforcement needs.
How online money frauds work:
- Fraudsters start by creating various websites or accounts on social media platforms that host some content to make them look similar to the authentic companies’ websites or social media interfaces.
- Such websites and social media accounts list fake customer care numbers for relevant brands.
- When a customer tries to search for a company name by using a search engine, the customer care numbers or email IDs that pop up as results are often these fraudulent ones.
- The customer may end up calling such a fake number, and get entrapped by fraudsters into sharing his or her bank information, which enables the anonymous con artists to siphon off money from the customer’s account.
- These fraudsters send online links, asking customers to share their UPI details or other such information.
- Unsuspecting customers are also asked to download screen mirroring apps, through which they gain access to information on mobile phones.
Challenges in tackling cyber crimes
- All the players involved, including banks, telecom companies, financial service providers, technology platforms, social media platforms, e-commerce companies, and the government, need to play a responsible role.
- The customer also has a responsibility to maintain basic cyber hygiene by following practices and taking precautions to keep one’s sensitive information organized, safe and secure.
- Law enforcement agencies in different states are not fully equipped to understand and act upon complaints of such frauds.
- Victims of fraud are too ashamed to admit that they have been conned, and often do not even tell their families. If the losses are large, the results can be devastating for fraud victims.
- While many cases aren’t even reported, in cases that are, the investigations make little or no progress due to lack of access to data.
- Despite multiple requests for data from Indian startups, search engines, and social media platforms have generally been unresponsive, taking cover under the privacy principles or laws of the countries they are based in.
- The US Electronic Communications Privacy Act bars US-based service providers from disclosing electronic communications to law enforcement agencies of any country unless US legal requirements are met.
- The bilateral mechanism of the India-US Mutual Legal Assistance Treaty is a bit outdated and does not seem to work.
- Since most search engines and social media platforms have no “permanent establishment” in India, law enforcement agencies have hit a wall on data access.
- The US Cloud (Clarifying Lawful Overseas Use of Data) Act, however, enables law enforcement authorities in India to request electronic content directly from US service providers under an executive agreement with the US government.
India needs to work out a way to crack cyber frauds and crimes. The country urgently needs a legally-backed framework that would bind all parties and enable law enforcers to act quickly and safeguard Indian citizens and businesses from a fast-growing menace.