The National Technical Research Organisation, the ambitious project to protect India’s cyber space, is all set to roll out in May. However, experts are sceptical on how the government will maintain a balance between cyber security and civil liberties, reports Vicky Nanjappa.
The 26/11 terror attacks in Mumbai saw one of the biggest failures of cyber intelligence in the country. However, this is expected to change as India rolls out the ambitious National Technical Research Organisation in another two months.
While this would without a doubt cost the common man his privacy, the Intelligence Bureau and the Research and Analysis Wing believe that some sacrifices ought to be made for the sake of national security.
The fact remains that there have been 500,284,715 attacks launched from online resources around the world in the last quarter. When it comes to risk quotient, India is at 51.88 per cent, which is very high in terms of security standards.
Most of the attacks in cyber space that occur in India are through China and Pakistan. Moreover, there is a lot of traffic which passes through India, with a lot of this content that is suspicious in nature.
The NTRO, a Rs 500 crore project, was approved last year and will get to work by May once the ministry of finance clears its budget.
While the main centre would operate out of Delhi and a plot has already been located in the outskirts of the national capital, there are likely to be centres in Bangalore and Kolkata as well.
The NTRO would work along with the intelligence wings, but its sole job would be to collect cyber intelligence pretty much on the lines of PRISM, the American clandestine mass electronic data surveillance program.
It would screen all forms of meta data and pass on the information to the intelligence wings which would coordinate between themselves and also share necessary information with the police in respective states.
Once the agency gets rolling there are bound to be a lot of questions regarding privacy issues, as in the case of PRISM that came under fire on snooping charges.
The NTRO was born out of the National Cyber Security Policy of 2013 which underlines what exactly a cyber spy agency would do. A nodal agency to coordinate all matters related to cyber security would be set up, apart from a mechanism to share information, identify and respond to cyber security incidents. A workforce comprising 5,00,000 professionals would be appointed.
Cyber security experts say that deficiencies can be found in the policy as it does not detail the parameters of privacy in the context of cyber security.
“Cyber security, privacy and civil rights or liberties constitute the three components of the triangle that is integral to the subject at hand. Further, the policy does not meet the expectations of the nation as much as how the data will be collected, how it would be processed and how it will be used.
“It also does not contain checks and balances for ensuring that activities meant for protecting cyber security are not abused. In terms of the recent intrusions into cyberspace, the policy does not explain as to how the government will maintain a blended balance between the protection of cyber security and protection of civil liberties -- the PRISM snooping being a classic case,” an expert also points out.
The policy is silent as to what would be the role of relevant stake-holders in the cyber security system in the event India is targeted like the Estonian attack of 2007.
Further, what one needs to see here is that the preservation of critical information and infrastructure, which are in the public sector, needed more elaboration in the policy.
The policy is also silent about the Central Monitoring System or the snooping surveillance interception, monitoring and scrutiny activities by other nations.
“Rather than giving the public answers, the policy is broad without touching upon the required parameters,” the expert further points out.