Search blog.co.uk
Posts archive for: June, 2005

  • PRIVACY AND DATA RIGHTS OF NETIZENS

    by perry4law @

    PRAVEEN DALAL

    The aim of this article is to analyse the privacy and data rights of the netizens in the cyberspace. A comparative analysis of the TRIPS Agreement and the Indian laws has also been made to give a holistic picture. Further, certain strategies for the companies have also been recommended.

    I. INTRODUCTION

    The rights are essential for the survival of a welfare state like India. That is why we possess certain rights coupled with a corresponding duty on others to respect them. These rights may be personal rights like privacy or proprietary rights like data property. These rights, with necessary modifications, are also available to companies who though do not fall within the definition of “citizens” but yet are covered by the definition of “persons” . The concepts of “privacy rights” and “data rights” have acquired great significance in the contemporary world where the boundaries of all nations have vanished due to the inevitable and essential presence of Internet. The advantages associated with the use of Internet are so overwhelming that none can afford to avoid its use. Thus, the solution lies in techno-legal solutions of the privacy and data violations rather than a pure legal action or avoidance of technology. The fight against privacy and data violation requires a “harmonized” and “coherent initiative” rather that individual and country based actions. At the same time it must be appreciated that it is not the “enactment” of a law but the desire, will and efforts to accept and enforce it in its true letter and spirit, which can confer the most strongest, secure and safest protection for any purpose. The enforcement of privacy rights requires a “qualitative effort” and not a “quantitative effort.

    II. NETIZENS RIGHTS

    The netizens rights can be grouped as:
    (A) Fundamental and constitutional rights, and
    (B) Statutory rights.

    (A) Fundamental and Constitutional rights of netizens

    The constitution of India confers certain Fundamental and Constitutional rights on the netizens. These rights can be personal rights or proprietary rights. The right to privacy (Article 21) is a personal right whereas the right to enjoy data property is a proprietary right (Articles 19(1) (g), Article 21 and Article 300A).

    (i) Right to privacy

    Article 21 of the constitution confers the right to privacy on the netizens. This is not expressly mentioned in it but the same has been enunciated by way of judicial interpretation by the Supreme Court. It is personal in nature and only the concerned netizens has a right to control it subject to the restrictions imposed by the law. India is a signatory to the international covenant on civil and political rights, 1966. Article 17 thereof provides for the ‘right of privacy’. Article 17 of the international covenant does not go contrary to any part of our municipal law. Article 21 has, therefore, to be interpreted in conformity with the international law. In Kharak Singh v state of UP (1963) justice Subba Rao, while expressing the minority view, laid down the foundations for the development of law of privacy in India and observed that the concept of ‘liberty’ in article 21 was comprehensive enough to include privacy. In Gobind v State of MP (1975) the Supreme Court observed that ‘right to privacy’ must encompass and protect the personal intimacies of the home, the family, marriage, motherhood, procreation and child bearing. In R.Rajagopal v State of TN (1994) the Supreme Court held that the right to privacy is a ‘right to be let alone’. None can publish anything concerning the above matters without his consent, whether truthful or otherwise and whether laudatory or critical. If he does so, he would be violating the right to privacy of the person concerned and would be liable in an action for damages. In P.U.C.L. v union of India (1997) the Supreme court held that the right to hold a telephone conversation in the privacy of one’s home or office without interference can certainly be claimed as right to privacy. Telephone tapping would, thus, infringe article 21 of the constitution of India. In Mr. X v Hospital Z (1998) the Supreme Court held that the right to privacy may, apart from contract, also arise out of a particular specific relationship, which may be commercial, matrimonial or even political. Public disclosure of even true private facts may amount to an invasion of the right to privacy.

    (ii) Right to trade and profession

    Article 19(1) (g) guarantees that all citizens have the right to practice any profession or to carry on any occupation or trade or business. This freedom is, however, not absolute and is subject to clause (6) of article 19. Thus, reasonable restrictions can be imposed to curtail this right. Thus, data property is protected by this article and so long the data are possessed and owned within the restrictive parameters of this Article, it will have the Constitutional protection.

    (iii) Right to livelihood

    Article 21 confers right to livelihood upon all persons. If the means of livelihood are taken away, then right to life is definitively violated. The apex court in Kapila Hingorani v State of Bihar (2003) held that the term “life”, includes livelihood and facets thereof. Thus, means of livelihood like data property cannot be taken away except by a procedure established by law. The right to hold data in privacy and enjoy its fruits and benefits is definitely a part of Article 21 as it helps in the earning of livelihood. The holding of crucial data brings certain strategic and financial advantages over the competitors that help in earning a livelihood better that the others.

    (iv) Right to property

    Article 300A of the constitution confers a right on all persons to hold and enjoy their properties. Thus a person cannot be deprived of his property save by authority of law. Any violation of this right can be challenged in a court of law. The expression “property” is of wide amplitude and it includes tangible as well as intangible properties, including data property. Thus, data property cannot be taken away except by authority of law and an unlawful deprivation of data property will be remedied at law.

    (B) Statutory rights of netizens

    The Fundamental and Constitutional rights are supplemented by certain statutory rights. The statutory rights of netizens can be grouped as:

    (a) Personal rights, and
    (b) Proprietary rights.

    (a) Personal rights

    The statutory law of privacy is the recognition of the individual’s right to be let alone and to have his personal space inviolate. It is scattered in various statutes and is not recognised as such. For instance section 228A of IPC, 1860 prohibits the disclosure of the identity of a victim. Similarly, the ITA, 2000 also contains provision for the vindication of privacy rights. For instance, if a person authorised under the act, rules or regulations, secures access to any electronic record, information, document etc without the consent of the person concerned and discloses the same to any other person then he shall be punished with imprisonment up to 2 years, or with fine up to Rs.1 lakh, or with both .

    The following provisions of the Information Technology Act, 2000 reflect India’s concern for protection of privacy rights of its citizens, as available against private individuals, in the realm of information technology:

    (1) Long Arm Jurisdiction- Sec.1 (2) read with Sec.75 of the Act provides for an extra-territorial application of the provisions of the Act. Thus, if a person (including a foreign national) contravenes the privacy of an individual by means of computer, computer system or computer network located in India, he would be liable under the provisions of the Act.

    (2) Unauthorised Use- If a person makes an unauthorised use of the computer, computer system or computer network of another person by accessing, downloading, introducing computer contaminant, damaging, disrupting, denying access etc. , he will automatically violate the privacy of the owner. Such a person shall be liable to pay compensatory damages not exceeding rupees one crore to the person so affected. Thus, the right to privacy includes the right of an individual to be free from restrictions or encroachments on his person or property, whether these are directly or indirectly brought about by calculated measures .

    (3) Computer Tampering-The privacy of a person will also be intruded if his computer source documents are tampered with. The person tampering with such computer source documents shall be punishable with imprisonment up to 3 years or with fine, which may extend up to Rs.2 lakhs, or with both .

    (4) Computer Hacking- If a person causes wrongful loss or damage to any person, by destroying, deleting or altering any information residing in his (owner’s) computer resource or diminishes its value or utility or affects it injuriously by any means, he commits hacking and thus, violates the privacy of the owner. The person hacking shall be punishable with imprisonment up to 3 years or with fine, which may extend up to Rs.2 lakhs, or with both. However, an innocent infringer will not be liable if he proves that he committed the act without any intention or knowledge .

    (5) Network Service Provider’s Liability- A network service provider shall be liable for violation of privacy of a third party if he makes available any third party information or data to a person for the commission of an offence or contravention. A citizen has a right to safeguard the privacy of his own, his family, marriage, procreation, motherhood, childbearing and education among other matters. None can publish anything concerning the above matters without his consent, whether truthful or otherwise and whether laudatory or critical. If he does so, he would be violating the right to privacy of the person concerned and would be liable in an action for damages . However, a network service provider will not be liable if he proves that the offence or contravention was committed without his knowledge or he had exercised all due diligence to prevent such commission .

    (6) Liability of Companies- Where the privacy rights of a person are infringed by a company, every person who at the time of contravention was incharge of and was responsible to the company for the conduct of its business as well as the company shall be guilty of the contravention and liable to be processed against and punished accordingly. However, such person shall not be liable if he proves that the contravention took place without his knowledge or that he exercised all due diligence to prevent such contravention .

    These provisions provide sufficient protection against privacy violations by private individuals by misusing the information technology .

    (b) Proprietary rights.

    The proprietary rights, in the form of data property, are available under both the Trade Related Aspects of Intellectual Property Rights (TRIPS) Agreement and the Indian Copyright Act, 1957.

    The TRIPS Agreement recognises the protection of “data property” in Article 10(2) of the TRIPS Agreement. Article 10(2) of the Agreement provides that “compilation of data” or “other material”, whether in machine-readable or other form, which “by reason of the selection or arrangement” of their contents constitute intellectual creations shall be protected “as such”. The Article further provides that such protection, which shall not extend to the data or material itself, shall be without prejudice to any copyright subsisting in the data or material itself. A closer perusal of the Article reveals the following facts:

    (i) It is the ‘compilation” of data or other material, which is protected under TRIPS Agreement. The “compilation” of a subject matter of Copyright is protected under almost all the legal systems. This is also protected in the Berne Convention. Further, by using the words “other materials” the ambit of this Article has been extended to even “non-data items”.

    (ii) The compilation may be either in a machine-readable form or in some other form. The previous category includes storing of data in “computers” and its “parallels”, whereas the latter category includes storing of the data in the traditional paper mode. This storing of “data property” mandates protection of the same in IT law as well. The Copyright Act, 1957 protects “databases” as “literary works” under section 2(o) in an “inclusive” manner and it can cover more categories. Secondly, the concept of “compilation” used in this section is itself inclusive and the compilation of “databases” is one of them. Thus, “compilation” U/S-2(o), includes at least two forms of compilation. The one is compilations for the purpose of conferment of Copyright and the other is compilation for the purpose of Data Protection. Section 13(1) (a) of the Copyright Act uses the expression “original literary works not only in an “inclusive” manner but also in a “multifunctional” manner. The copyright Act protects original compilations as “both” copyright and databases. It would be wrong to suggest that copyright and data protection are one and the same thing. These two are different Intellectual Property Rights, which are expressly protected not only under the TRIPS Agreement but also equally under the Copyright Act. In fact, the definition of “literary work” is capable of accommodating “other materials” as well, which may be non-data in nature.

    (iii) The data protection originates because of the “selection or arrangement” of the contents by using the “intellectual creations”. If there is no intellectual endeavor involved in it, then the same may not be protected as “data property but as Copyright, since the protection of copyright is not dependent upon the “quality” of the contents but their “expression” as such. Thus, all “databases” are capable of copyright protection but not all copyrightable material qualifies for the data protection. The requirement of “quality” is more demanding in data property than the copyright. A material may fail to qualify for data protection, but it can still be copyrighted. This point is clarified by the use of the words “as such’ in Article 10(2) of the TRIPS Agreement.

    Thus, the TRIPS Agreement and the Copyright Act, 1957 sufficiently safeguard databases. The data, information and details will get the protection of ‘Data Property” if the same involves intellectual creations within the meaning of Article 10(2) of the TRIPS Agreement. If not, still they will be protected as copyright. Even non-data items are also protected, both under the TRIPS Agreement and the Act .

    The following “Data protection principles” must be adhered to by the individuals and company handling the same:

    (a) the data should be processed fairly and lawfully,
    (b) the data should be obtained for specific and lawful purpose,
    (c) the data should be adequate, relevant and not excessive,
    (d) the data should not be kept for longer than necessary,
    (e) the data should be processed in accordance with the rights of data subjects, and.
    (f) measures should be taken against unauthorized or unlawful processing.

    III. STRATEGIES FOR COMPANIES

    The companies operating in cyberspace are at the risk of violating various laws including laws protecting privacy rights and data property. The companies must formulate sound strategies to deal with them.

    The following strategies must be adopted by the companies for meeting various techno-legal requirements:

    (1) The companies must be cautious of the “liability clause” of various statutes. They must appoint an “officer in default” who must be responsible for managing cyber law matters of companies.
    (2) The web-site contracts made by the companies must be unambiguous and fair.
    (3) The companies must restrict their liabilities under those contracts.
    (4) The companies must adopt the well accepted standards of the contemporary practices.
    (5) The privacy rights of the netizens should be properly safeguarded.
    (6) Precautionary measures for the protection of valuable data, information, and trade secrets should be adopted.
    (7) The companies must take care of IPRs violations of various segments.
    (8) The companies must adopt sound advertisement policy.
    (9) The companies must be very cautious while dealing with juveniles as they are protected by laws but not the companies.
    (10) The companies must insure their business for uncertain risks.

    IV. CONCLUSION

    The above discussion shows that the proposed change in the Information Technology Act, 2000 for securing privacy and conferring data protection is not only unwarranted but is equally based on misinterpretation of the provisions of the Information Technology Act, 2000, Indian Copyright Act, 1957 and the TRIPS Agreement. The concerns and apprehensions of the MNCs are far-fetched and unwarranted. The TRIPS Agreement and the Copyright Act, 1957 provides sufficient safeguards for preventing violations of databases of MNCs. The data, information and details provided by the MNCs will get the protection of ‘Data Property” if the same involves intellectual creations within the meaning of Article 10(2) of the TRIPS Agreement. If they fail to satisfy the requirement of Article 10(2), still they will be protected as copyright. The brightest and the positive aspect of this situation is that even non-data items are also protected, both under the TRIPS Agreement and the Copyright Act, 1957. Similarly, both the Constitution of India and the Information Technology Act sufficiently protect the privacy concerns of the MNCs. Thus, the MNCs should concentrate on their “business initiatives” rather than wasting their resources and time on unnecessary concerns.

    © Praveen Dalal. All rights reserved with the author.
    * Arbitrator, Consultant and Advocate, Delhi High Court,
    Contact at: pd37@rediffmail.com/ perry4law@yahoo.com
    Telephone No: 9899169611.

    Options:

  • PRIVATE DEFENCE IN CYBERSPACE

    by perry4law @

    PRAVEEN DALAL (PERRY), ARBITRATOR, CONSULTANT AND ATTORNEY, DELHI HIGH COURT, INDIA.

    The aim of this article is to analyse the applicability of the concept of “private defence” in cyberspace, particularly against cyber terrorism. The traditional concept of private defence is available under the provisions of Indian Penal Code, 1860 (IPC). The same is equally applicable to the Information Technology Act, 2000, (ITA) as well, though with its peculiar modifications.

    I. Introduction

    The information technology is a double edge sword, which can be used for destructive as well as constructive work. Thus, the fate of many ventures depends upon the benign or vice intentions, as the case may be, of the person dealing with and using the technology. For instance, a malicious intention forwarded in the form of hacking, data theft, virus attack, etc can bring only destructive results. These methods, however, may also be used for checking the authenticity, safety and security of one’s technological device, which has been primarily relied upon and trusted for providing the security to a particular organisation. For instance, the creator of the “Sasser worm” has been hired as a “security software programmer” by a German firm, so that he can make firewalls, which will stop suspected files from entering computer systems . This exercise of hiring those persons who are responsible for causing havoc and nuisance is the recognition of the growing and inevitable need of “self protection”, which is recognised in all the countries of the world. In fact, a society without protection in the form of “self help” cannot be visualised in the present electronic era. The content providers, all over the world, have favoured proposed legislations in their respective countries, which allow them to disable copyright infringers’computers. In some countries the software developers have vehemently supported the legislations which allows them to remotely disable the computer violating the terms and conditions of the license allowing the use of the software. This position has, however, given birth to a debate about the desirability, propriety and the legality of a law providing for a disabling effect to these “malware” . The problem is further made complicate due to absence of a uniform law solving the “jurisdictional problem”. The Internet recognises no boundaries, hence the attacker or offender may belong to any part of the world, where the law of the offended country may not be effective. This has strengthened the need for a “techno-legal’ solution rather than a pure legal recourse in the present electronic era .

    II. The need of private defence

    The most deadly and destructive consequence of this helplessness is the emergence of the concept of “cyber terrorism”. The traditional concepts and methods of terrorism have taken new dimensions, which are more destructive and deadly in nature. In the age of information technology the terrorists have acquired an expertise to produce the most deadly combination of weapons and technology, which if not properly safeguarded in due course of time, will take its own toll. The damage so produced would be almost irreversible and most catastrophic in nature. In short, we are facing the worst form of terrorism popularly known as "Cyber Terrorism". The expression "cyber terrorism" includes an intentional negative and harmful use of the information technology for producing destructive and harmful effects to the property, whether tangible or intangible, of others. For instance, hacking of a computer system and then deleting the useful and valuable business information of the rival competitor is a part and parcel of cyber terrorism. The definition of "cyber terrorism" cannot be made exhaustive as the nature of crime is such that it must be left to be inclusive in nature. The nature of "cyberspace " is such that new methods and technologies are invented regularly; hence it is not advisable to put the definition in a straightjacket formula or pigeons hole. In fact, the first effort of the Courts should be to interpret the definition as liberally as possible so that the menace of cyber terrorism can be tackled stringently and with a punitive hand. The law dealing with cyber terrorism is, however, not adequate to meet the precarious intentions of these cyber terrorists and requires a rejuvenation in the light and context of the latest developments all over the world. The laws have to take care of the problems originating at the international level because the Internet, through which these terrorist activities are carried out, recognises no boundaries. Thus, a cyber terrorist can collapse the economic structure of a country from a place with which a country may not have any reciprocal arrangements, including an "extradition treaty". The only safeguard in such a situation is to use the latest technology to counter these problems. Thus, a good combination of the latest security technology and a law dealing with cyber terrorism is the need of the hour .

    III. The concept of private defence

    In India there is no law, which is specifically dealing with prevention of malware through private defense. Thus, the existing analogous provisions have to be applied in a purposive manner. The following provisions of the I.P.C, which is a general law dealing with offences in India, are of great significance in dealing with and tackling the use of malware by the use of private defence:

    (i) Section 96 of the Code declares that nothing is an offence, which is done in the exercise of the right of private defence. This section recognises the principle of self-help which is considered to be just, fair and reasonable in all the countries of the world.

    (ii) Section 97 of the Code provides that every person has a right, subject to the restrictions contained in Section 99, to defend:
    Secondly- The property, whether moveable or immoveable, of himself or of any other person, against any act which is an offence falling under the definition of theft, robbery, mischief or criminal trespass. This section recognises the right of a “third party” to protect the property of another, besides protecting his property. Thus, a public-spirited individual has a right to self-help by helping innocent victims of malware. For instance, a netizen who is an expert in protecting computers from viruses may make a programme, which has a potential to curb the virus put on the internet and may launch the same on it. In such a situation the person launching the malware cannot complain that such third party has no reason to feel aggrieved and has no right to retaliate. Such an action on the part of that public-spirited individual is morally, equitably and legally justified and will be protected by this section. This is a benign concept and it requires the most liberal, purposive and updating interpretation.

    (iii) Section 99, among other things, provides that there is no right of private defence in cases in which there is time to have recourse to the protection of the public authorities. Further, it provides that the right to private defence in no case extends to the inflicting of more harm than it is necessary to inflict for the purpose of defence, i.e. the principle of proportionality. It is suggested that this section applies to offences involving human beings as such and not the results created due to acts or omissions of the human beings. Thus, the requirement of taking recourse to public authorities arises only when the following two requirements are fulfilled:
    (a) There must not be any apprehension of death or grievous hurt (because in that case the concerned person is left with no choice but the instant life saving action) by the act or omission in question, and
    (b) Such act or omission must originate out of an active physical participation of human agency and it should not be limited to any act or omission unsupported by its physical presence.

    Reading Section 103 along with Section 99 further strengthens this argument. Section 103 provides that the “right of private defence of property” extends, under the restrictions mentioned in Section 99, to the voluntary causing “death” or of any other harm to the wrongdoer, if the offence of robbery, house breaking by night, mischief by fire to certain properties, theft, mischief or house trespass, are committed or attempted to be committed under such circumstances as may reasonably cause apprehension that death or grievous hurt will be the consequence, if such right of private defence is not exercised. A close reading of these sections reveals that these sections are tracing the operation of private defence vis-à-vis human being’s active and physical involvement and not in the sense of malware. This position is made crystal clear if we read the definition of “death” under section 46, which provides that the word “death” denotes death of a human being, unless the contrary appears from the context. It would bring absurd results if we argue that the context in the present situation is talking about the “death of the computer” or the “operating system”. Similarly, it will be unreasonable, in fact unrealistic and imaginary, to argue that for protecting one’s computer from malware, every time recourse to public authorities has to be taken. In fact, the main reason for providing the provisions concerning private defense is that State cannot protect the life and property of the citizen at all times. Thus, as a measure of public policy and practical convenience, the concept of self-help has been given a moral, equitable and legal sanction. Even under the Code there is an inherent and patent conflict between Section 99 and Section 103. Section 103 is subject to section 99, whereas section 99 itself is subject to Section 99. It is talking about taking recourse of public authorities when the act “does not” reasonably cause the apprehension of death or of grievous hurt. It means that if there is an immediate threat of death or grievous hurt, then recourse to public authorities need not be taken. This is logical and satisfies the tests of common sense, because a person cannot approach the public authorities after his death, which may result due to immediate peril to the life. Similarly, no useful purpose will be served by approaching the public authorities if grievous hurt has already been afflicted. In fact if there is an apprehension of death or grievous hurt, the right to private defence can be exercised even against a public servant who is though acting in good faith under the colour of his office is not strictly justifiable by law. It must be appreciated that no malware can cause any physical injury or apprehension of the same, which may necessitate recourse to public authorities within the meaning of section 99. Thus, it can safely be concluded that recourse to self-help can be taken under section 103 of the Code without approaching public authorities since it does not involve the real and active physical presence of the human agency. This is also in conformity with the basic theme and object of the concept of self-help and the practical requirements of law and its regulation of society.

    The application of Section 99 is not, however, completely excluded while exercising the right of private defense under Section 103. It must be noted that section 99 also recognises the principle of proportionality among other things. This means that the proposed harm given by the technological property holder must commensurate with the nature and gravity of the threat. Thus, the harm, if at all it is considered to be so, caused must be reasonable, proportionate and not unduly harsh. The moment it exceeds the limits, which may be deemed to be appropriate by a reasonable person, it will offend the benign objects of section 99, and may become illegal. Thus, to this extent, and in this sense only, Section 103 is subject to section 99. This interpretation satisfies the conflicting interests of private defence of information technology and the proportionate action required to be taken by the person exercising the private defence. This is not the end of this matter. Sections 99 and 103 must be interpreted in the light of Section 105 to make them meaningful. Section 105 of the Code provides that the right of private defence of property commences as soon as a reasonable apprehension of danger to property commences. There is a possibility that a particular malware may not give rise to such apprehension at all because of its programming and operational specifications. In such a case, the owner of the information technology comes to its knowledge when the damage has already been done. In such a situation no useful purpose will be served by approaching the public authorities, as they cannot undo what has already been done. To avoid such an eventuality, it is advisable to adopt precautionary technological measures, since precaution is always better than the cumbersome and expensive cure. As a concluding argument it may be pointed out that, by virtue of Section 40 of the Code, the right of private defence is allowed against offences committed under the “special laws” as well. In India the Information Technology Act, 2000 (ITA) is a special law applicable to matters pertaining to information technology. Thus, the provisions pf private defence will also take their colour from it. In case there is a conflict between the provisions of the Code and the ITA, the latter will prevail. Fortunately, there is no conflict between the provisions of the Code and ITA, hence the interpretation given to the sections, as mentioned above, together with a purposive interpretation of the provisions of the ITA would be sufficient to take care of the principles governing private defence of technological property, including the Intellectual property Rights stored in it.

    IV. Conclusion

    The problems associated with the use of malware are not peculiar to any particular country as the menace is global in nature. The countries all over the world are facing this problem and are trying their level best to eliminate this problem. The problem, however, cannot be effectively curbed unless popular public support and a vigilant judiciary back it. The legislature cannot enact a law against the general public opinion of the nation at large. Thus, first a public support has to be obtained not only at the national level but at the international level as well. The people all over the world are not against the enactment of statutes curbing the use of malware, but they are conscious about their legitimate rights. Thus, the law to be enacted by the legislature must take care of public interest on a priority basis. This can be achieved if a suitable technology is supported by an apt legislation, which can exclusively take care of the menace created by the computers sending the malware. Thus, the self-help measures recognised by the legislature should not be disproportionate and excessive than the threat received by the malware. Further, while using such self-help measures the property and rights of the general public should not be affected. It would also not be unreasonable to demand that such self-help measures should not themselves commit any illegal act or omission. Thus, a self-help measure should not be such as may destroy or steal the data or secret information stored in the computer of the person sending the malware. It must be noted that two wrongs cannot make a thing right. Thus, a demarcating line between self-help and taking law in one’s own hand must be drawn. In the ultimate analysis we must not forget that self-help measures are “watchdogs and not blood-hounds”, and their purpose should be restricted to legitimate and proportionate defensive actions only. In India, fortunately, we have a sound legal base for dealing with malware and the public at large has no problem in supporting the self-help measures to combat cyber terrorism and malware. If still there remains any doubt or objection, then it will be sufficient to mention that only a computer can react fast enough to take care of the menace of malware and the traditional methods of law enforcement are helpless in this regard. The problems of lack of harmonisation, doubt regarding jurisdiction, lack of a uniform extradition law between various countries of the world, etc can be solved only by using a legitimate, proportionate and reasonable mechanism of self-help, which is not only instant but also free from technicalities and formalities .

    © Praveen Dalal. All rights reserved with the author.
    * Arbitrator, Consultant and Advocate, Delhi High Court
    Contact at: pd37@rediffmail.com
    perry4law@yahoo.com
    Telephone no; +91 9899169611.

    Options:

Footer:

The content of this website belongs to a private person, blog.co.uk is not responsible for the content of this website.