Curbing cyber crimes with data localization

Context

  • In recent times, there have been many instances of the hard-earned money of Indians being taken out of bank accounts and charges loaded onto credit cards through online frauds.
  • As a nation making a huge transition to a cashless economy, public faith in the digital system needs to be consistently reinforced.
  • All the players involved, including banks, telecom companies, financial service providers etc. and the government, need to play a responsible role in ensuring innocent citizens do not undergo the trauma of suffering losses.
  • The customer also has a responsibility to maintain basic cyber hygiene, which includes following practices and taking precautions to keep one’s sensitive information organized, safe and secure.

The new startups

  • Another emerging casualty of such cybercrimes is the emerging “startup” ecosystem.
  • We are beginning to see multiple cases where customers of genuine startups, unicorns and Indian businesses have been subjected to online fraud.
  • These customers initially presume that it is the customer care departments of the companies that have conned them, as we see in many of the cases that get filed.
  • This is a dangerous trend. Not only does it shake people’s faith in digital systems, the scepticism vis-a-vis online transactions also hurts the potential of emerging companies.

Modus operandi of cyber crimes

  • Let us look at the modus operandi of some of the recent internet-based financial frauds affecting companies in the digital and e-commerce space.
  • Fraudsters usually start by creating various websites or accounts on social-media platforms that host some content to make them look deceptively similar to the authentic companies’ websites or social media interfaces.
  • Such websites and social media accounts list fake customer care numbers for the relevant brands.
  • When a customer tries to search for a company name by using a search engine, the customer care numbers or email IDs that pop up as results are often these fraudulent ones.

Most cases go unreported

  • Also, some victims of fraud are too ashamed to admit that they have been conned, and often do not even tell their families.
  • Yet, if the losses are large, the results can be devastating for fraud victims.
  • While many cases aren’t even reported, in cases that are, the investigations make little or no progress due to lack of access to data.

Need of the hour:

Enforcement agencies needs to gear up

  • Even the income tax department has not been spared, with people getting messages from a fraudulent source that masks itself as an income tax authority and sends a message asking them to claim tax refunds by sharing a link.
  • It is difficult to estimate the scale of the problem, as law enforcement agencies in different states are not fully equipped to understand and act upon complaints of such frauds.

Data localization

  • Since most search engines and social media platforms have no “permanent establishment” in India, law enforcement agencies have hit a wall on data access for the purpose of solving cybercrimes.
  • This has often raised calls for complete data localization, which could have been avoided had a collaborative mechanism for data access, based on agreed criteria, been put in place.
  • The Srikrishna Commission recommended that data be stored in the country either directly or through mirror servers to serve law enforcement needs.
  • The US Electronic Communications Privacy Act bars US-based service providers from disclosing electronic communications to law enforcement agencies of any country unless US legal requirements are met.
  • The bilateral mechanism of the India-US Mutual Legal Assistance Treaty is a bit outdated and does not seem to work.

Way forward

  • While privacy and data protection are necessary, and data localization may pose its own business challenges, India needs to work out a way to crack cyber frauds and crimes.
  • For this, the country urgently needs a legally-backed framework for a collaborative trigger mechanism that would bind all parties and enable law enforcers to act quickly and safeguard Indian citizens and businesses from a fast-growing menace.

Source:Livemint

Leave a Reply