Need for Police Reforms in India Police Reforms vis-a-vis Cyber Crimes
As more and more of our work digitised chances of leaking of data seems
improbable and the problem of law enforcement officials, individual and
companies need to bear the cost of crime and loss. Digital technology and the
internet are providing criminals with new opportunities to commit crime.
It is now essential that police officers have the capability to deal confidently with the cyber element of crimes as it is fast becoming a dominant method in the perpetration of crime. But more than that, it is becoming a part of everything that the police have to deal with because the internet and digital technology are part of most peoples’ lives now.
After the advent of computer revolution started in India, most of our activity
Connected with the internet and we are directly and indirectly transact with the borderless Cyberworld .This paper describes the various challenges of law enforcement agencies faces in handling cyber crime, cyber crime legislative standards across jurisdictions, introduction of specialist force to combat cyber crime and finally, suggestions and conclusions are highlighted to modernise police force capacity to tackle the crime in the digital era.
Cyber crime challenges
After the number of user increased the challenges for our police force to adopt different strategies to fight crime in virtual world is need of the hour for prevention and nab the criminals involved in the cyber crime.
Financial institutions do not always report crimes committed against their customers because they are concerned about customers losing their confidence in the security of the institutions' computer systems. This makes it difficult for police forces to effectively identify and understand threats, risks and harm posed by cybercrime as they do not have all of the necessary information they need.
The complaint need to go specific cyber security cell police station not to all the police station for lodging the complaint, lack of awareness and distance factors results many cases being unreported.
Rapid deployment team
This is the newest of the national threats to require a national response by the police service. A large-scale cyber incident could be caused by either the aggregation of individual cybercrimes or the commission of a single attack.
We need to classify the threat based on the level of impact.
·Large scale incident, Terrorism, Financial institution, Threat to public law disorder, attack on government online services
·Medium scale incident – Corporate level – data theft
·Small Scale Incident – fraud, child bullying, identify fraud offences
The threat of a large-scale cyber incident is the newest of the national threats to require a national co-ordinated response by the police and the national law enforcement and intelligence agencies.1
In case of large-scale cyber incident National Level Computer Emergency Response Team (CERT-In) co-ordinate with National Critical Information Infrastructure Protection Centre,
rapid deployment team should be created in every state that connect locally, regionally, nationally to deploy at short notice to reduce the risk of disruption and improve the security posture. Rapid deployment team consists of computer specialists in cybercrime. In the form of ‘high-tech crime’ investigators who recover evidence from computers, covert internet investigators (CIIs).
Interagency cooperation
Proper co-ordination and support between the departments is necessary for uniformed operations, internal communication should be strengthen by establishing standards and mechanisms for secure information flow (while in process, handling, storage & transit), crisis management plan, proactive security posture assessment and forensically enabled information infrastructure. 2
Law enforcement powers to obtain digital evidence
When dealing with cyber crime for LEAs to be able to quickly secure digital evidence, often in multiple jurisdictions, to ensure that it is retained and the forensic quality of the evidence is preserved 3.In getting information for forensic analysis from overseas ISPs and telecommunication services is often too slow to identify an offender. Data is generally not received in time to be submitted to court.
Inconsistent legislation or a lack of cyber crime offences can also mean that individuals based overseas escape extradition and prosecution for cyber offences because there is no similar offence in the country of origin.
If international cooperation is done on a police to police basis tedious process will be changed which make it easy to obtain evidence to identify offenders fast enough to enable a prosecution 4.
For example, inconsistent telecommunications intercept data retention laws can mean that evidence that would be complexities of securing electronic evidence (e-evidence) of any type of crime or economic offence.
The National Cyber Security Policy of 2013 refers to effective law-enforcement capabilities for investigation and prosecution of cybercrime, but not to the broader issue of electronic evidence. Securing e-evidence is an increasingly complex undertaking. The sheer volume of cases involving e-evidence, the number of devices, users and victims involved, and technical complications such as encryption present major challenges.
The transnational nature of e-evidence, it may be stored in foreign jurisdictions even in cases that are otherwise fully domestic, combined with the transversal scope of e-evidence, in that any crime may entail such evidence, has implications on international cooperation in criminal matters. Most mutual legal assistance (MLA) requests for e-evidence are not related to cybercrime but to fraud and financial crimes followed by violent and serious crimes.
Given the volatility of e-evidence, the mutual legal assistance process is rather inefficient. Response times of 6–24 months to MLA requests appear to be the norm. Many requests and thus investigations are abandoned. This adversely affects the obligation of governments to protect society and individuals against cybercrime and other crime.
Securing e-evidence for criminal justice purposes is particularly challenging in the context of cloud computing where data is distributed over different services, providers, locations and often jurisdictions, and where mutual legal assistance is often not feasible. It risks failure of governments in their obligation to protect the rights of individuals and society against crimes and loss of faith in the rule of law.
Cloud computing further complicates the matter. MLA requests are about cooperation between competent authorities. But if evidence is less held on a specific device or in closed networks but is distributed over different services, providers, locations and often jurisdictions, it is difficult to identify to which authorities to send a request.
Furthermore, law-enforcement powers are tied to the principle of territoriality, meaning that a criminal justice authority can only enforce its laws, such as ordering a service provider to produce data, or searching and seizing a computer system, on its own territory 5.
The Indian Ministry of Home Affairs, which serves as the nodal agency for MLAT requests and acts as a liaison between Indian LEAs and their foreign counterparts, has often been found wanting in helping harmonise these requests with the needs of the requested state. For instance, translation of supporting documents into the language of the requested state (a mandate of the MHA under MLATs) is reported to have not been followed in some instances, resulting in the rejection of requests. In many other instances, the time taken by the MHA for review adds to an inordinate delay in the filing of these requests. Most of these problems stem from a lack of trained personnel dedicated to handling MLAT requests.
These problems, however, are not unique to India. MLATs and similar formal data sharing mechanisms are generally considered ill-suited for investigation of cybercrimes. This realisation has caused the US and UK, for instance, to negotiate a direct data sharing agreement that would allow UK LEAs to demand data directly from intermediaries holding data in the US. Asine qua nonfor this agreement is a written assessment that UK’s laws have both substantial and procedural protections for user privacy and that the government has displayed adequate respect for human rights 6. This agreement, which is likely to come into effect before the end of 2017, should substantially ease the process for obtaining electronic data for investigations for LEAs in the US and UK.
Investigative powers
Electronic communication data is essential to the successful investigation and prosecution of serious crimes (including cybercrime) to effectively prosecute online criminal activity.
A broader issue relating to cyber crime is police powers, such as “remote access powersâ€. By allowing a warrant to be obtained for remote access, law enforcement is more likely to be able to decipher encrypted data by conducting surveillance at a point between the user and the encryption interface. This would involve remotely accessing (or “hacking intoâ€) a computer via the internet to obtain transmissions of product passing over that computer at a point at which it is unencrypted.
While the FBI is only recently starting totest the boundaries of Rule 41’s amended languageRule 41(6) (a) (b) of the Federal Rules of Criminal Procedure and Clarifying Lawful Overseas Use of Data) Act (CLOUD) Bill with respect to criminal botnet investigations, because criminal suspects would often conceal the location of their computers using anonymous proxy servers and other obfuscating technology 7. India’s data protection bill should have clause based on the Bill to use on critical situation.
The bill would allow U.S. law enforcement to access data stored abroad by increasing the reach of the law that federal law enforcement uses to access data, without the cooperation of foreign governments. Law enforcement could order companies to provide data regardless of the location of the data or data subject. This would mean that U.S. courts would claim global authority.
The bill would enable agreements between the U.S. and other governments whose law enforcement would be permitted to directly request data from U.S. companies without adequate protections for user privacy 8.
Cyber security policy-2013, Criminal Procedure Code, Police act 1861 and data protection Bill is silent, hence this would require legislative amendments in Police act 1861, Criminal Procedure Code and data protection Bill by introducing new rule based on the US Rule and Bill will grant the government, Judicial and law enforcement officials greatly expanded search powers and for prosecution of online offenders.
The probability of getting arrested or going to jail is low. Not one of the perpetrators of the biggest headline-grabbing breaches has been prosecuted. Law enforcement agencies are stepping up their efforts, but many cybercriminals operate outside of their jurisdictions 9.
Furthermore, efforts have to be made to equip them with:
Adequate staff with appropriate skill sets
Infrastructure for cybercrime investigation unit
Infrastructure for cyber forensic units (to aid investigation, which would be in addition to the forensic labs to give expert opinion for evidentiary purposes)
Appropriate standard operating procedures (SOPs) 10.
Training
The police forces’ capacity and contribution to the response against the national cyber threat is currently limited to the deployment of a relatively small number of specialists, who can be used to investigate cybercrime.
Cybercrimes introduce unanticipated risks and effects, creating greater urgency to equip investigators with new skill sets. One such area is the establishment of a cloud computing training platform that comprises a networked and nodal nature, parallel to that of cyber security.
This platform can be pivotal to increase shared knowledge and skills for investigators and connect LEAs and stakeholders. This cloud-based training system could encompass functions depicted in the diagram 11.
Traditional modes of training through books, boards, PowerPoint / PDF-based approach are not very suitable for trainings to combat cybercrime. There is need for more practical training, something based on simulated environments. However, given the need of volumes, the proposed methodology should be scalable.
The challenges of cybercrime trainings can be summarised as:
Traditional PowerPoint/ PDF-based approach not very suitable
Number of officers to be trained (volume)
Inaccurate assessments of needs of LEAs
Standardised curriculum
A centralised learning platform provides users from different professions about common objectives to address cybercrimes. Standardised courses enable frontline officers, prosecutors and data analysts with varying levels of cyber knowledge to acquire a consistent overview of investigations such as digital evidence handling, intelligence development and legal procedures.
·Greater knowledge about how their roles contribute to investigations could lead to increased productivity and efficiency
·Collaborative processes among investigators could be more streamlined and integrated at a global scale through this platform.
Curriculum needs to be standardised by keeping in mind different roles of different LEAs and skill sets required for each role. A tentative list of roles would include:
·First responder officer
·Frontline officer
·General investigator
·Cybercrime investigator
·Cybercrime intelligence analyst
·Digital forensics specialist
·Head of unit: Investigation/forensics
·Senior LEA manager
1.1 Cyber Range or Simulated Cybercrime Scenarios
This is the key component of this model. Besides preparation of traditional modes of training through books, boards, power point/PDF-based approach, there is a strong need for more training based on simulated environments. This would mean creation of scenarios, including digital exhibits (logs, etc.) for extraction by trainees using forensic tools preloaded on the infrastructure, using appropriate procedures.
1.2 New modus operandi
In cyberspace, criminals keep on adopting new modus operandi every day and therefore, simulation-based training methodology has to be contemporary. To develop new scenarios, it is important to keep abreast of new modus operandi and technology trends.
This part would include:
·Knowledge exchange on current and emerging methods of operations (or modus operandi) of cybercriminals
·Within this platform, training courses could stress-test the computing skills of cybercrime experts to analyse and discern signals collected from hacker forums, internet relay chat rooms and messaging texts
·Attacks like phishing and tampering, advanced persistent threats, backend systems and reverse-engineering could be simulated.
·Combating cybercrime could take more than technical skills and require cross-disciplinary knowledge. Researchers must look at the best practices to stay ahead of hackers by understanding indicators of malware victimisation, the ecology of trust and motivation among hackers, online hacker communication and interaction styles
·Gaining practice in such knowledge exchanges could shed light on how hacker communities interact and share information, creating actionable intelligence for cybercrime investigations
·Able to develop the best science to help advance cyber security training and research
1.3. Continuous redesign for training material
·Feedback gathered from learner usage and experience must be utilised to design new knowledge capacity and material
·The modules should be developed by subject-matter-experts, ensuring quality content is constantly updated
·Training courses should be more reflective of real-world cases and incidents
·Maintain engagement with users by tapping into learners’ interests, offering appropriate challenges and increasing motivation
1.4. LEA Certifications
·This platform could allow performance-based certification to demonstrate that users know what to look for and what actions to take during a cyber incident
·Assess if knowledge or skills have been practically transferred
·Automated scoring and self-assessments in different areas of cybercrime
·Provide critical insights into the effectiveness of training platform
1.5. Environmental scanning of new technology
This platform will probe how internet-enabled technologies and wearables impact cybersecurity, policing and how crime could be conceived.
A horizontal approach should involve cyber experts and technology innovators of LEAs from different countries share their cyber investigative products and threat assessments
Police agencies should perform SWOT analysis of their cyber capabilities and identify the next steps for improvement, providing insights into the different needs and stages of cyber capacity development for individual countries Vertically, the expanse of future internet-enabled crimes could be analysed at national, regional, and international levels
1.6. Synchronised skill levels
·This platform will allow new relationships with other nodes within the networks of the cybersecurity architecture
·Effective collaboration and greater harmonisation provide a more accurate and comprehensive assessment of cyber criminality, ensuring responses are coordinated, effective and timely
·Law enforcement collaborations with the private sector to explore and design complex simulations of future communications technologies that are prone to criminal exploitation, improve cyber security skills at all levels and work with associated professions to make industry more resilient to cybercrime 12.
In addition to training opportunities, Police force needs to seek the assistance of appropriately skilled volunteers to help them improve their skills in tackling cyber threats.
Taking into account the demand for new skills to investigate crimes in cyberspace, the necessity to review policing concepts, such as the justification of a breach of public order, the applicability of techniques in policing the real world to the maintenance of order in virtual space, implementation of these instruments in a practical environment remains the highest priority 13.
Public–private partnerships
Public–private partnerships are also key in enabling a more pro-active and agile
approach to combating cybercrime. The shared responsibility and cooperation between
police and the private sector promises to be an effective way of enhancing the effectiveness of addressing cyber-related threats and also in the fight against cybercrime 14.
International agreements
International agreement is the need of the hour to address security and the rule of law in cyber world.
To overcome these challenges India should join Council of Europe’s Cybercrime Convention Committee which gives more access and Solutions to enable criminal justice access to evidence in the cloud are a priority of the committee.
The Budapest Convention provides for (i) the criminalisation of conduct, ranging from illegal access, data and systems interference to computer-related fraud and child pornography; (ii) procedural law tools to make the investigation of cybercrime and the securing of e-evidence in relation to any crime more effective; and (iii) international police and judicial cooperation on cybercrime and e-evidence.
The National Cyber Security Policy of 2013 refers to effective law-enforcement capabilities for investigation and prosecution of cybercrime, but not to the broader issue of electronic evidence.
Criminal justice authorities need access to data for use as evidence in criminal proceedings; without data, there will be no evidence, no justice and no rule of law. Increasingly, evidence in relation to any crime is stored in the electronic form on computer systems. This includes serious and violent crime, such as location data in cases of murder or rape, subscriber information related to ransom e-mails sent during kidnappings, data to identify and locate victims of child abuse or data on communications between terrorists.
It can be assumed that this is increasingly a reality in India and that a growing proportion of the more than seven million crimes recorded entail e-evidence.
The more real-world crime involves e-evidence, the greater the need for law-enforcement officers, prosecutors or judges to have the skills to deal with e-evidence. Major capacity-building within the criminal justice system is required and clear rules for access to e-evidence and its admissibility in court need to be established.
The question of procedural law powers to secure e-evidence and, by extension, efficient access to evidence in a transnational and cloud context is a complicated challenge, given the limitations of the MLA process which is normally designed to protect the rights of individuals as well as the interests of states in which evidence is located.
With participation in the Council of Europe Convention on Cybercrime would increase India’s ability to obtain international assistance from other parties to the convention in investigating potential cyber crime offences, particularly in relation to accessing telecommunications. This makes international cooperation critical to efforts to criminalise, detect, disrupt, prevent and ultimately to pursue effective law enforcement action 15.
Recommendations and conclusion
To suggest remedial measures to ensure effective prevention and control of the cyber crimes based on the study following suggestions are recommended:
# Use of Encryption Technology
# Increase number of appointment of cyber forensic consultant.
# Educating the public on cyber crimes cases
# Liberalisation of Law relating to Search and Seizure
# Development of Cyber Forensics lab and Biometric Techniques
# Need to establish a Computer Crime Research and Development Centre in every state.
# Need for Universalisation of Cyber Law
# To Combat the Menace of Cyber Terrorism increase training allocation fund once in every 2 years
# Establish Special Cyber Crime Investigation Cell for Hi-Tech Crimes every state.
# Create awareness of Cyber Crimes at the High School level
# Introduce Cyber Laws in the Curriculum in graduation level
# To develop strategies to help decrease the backlog of digital evidence, develop a mechanism to track the timelines of the cyber security team response to report of cyber crime activity
# Re Establishment of Special Cyber Courts to handle Cyber Crime case in every major cities
# View FIR functionality available on Police citizen portals as per Supreme Court guidelines
# Planting of Baits in Cyberspace for Worms and Viruses
# Use of Data Analytical tool to Regulate of Social Networking Sites
# Need for Imparting Training to Officials to Investigate Cyber Crimes
# Encouragement of Cyber Crime Victims to Lodge Complaints
# Increased international law enforcement cooperation among nations and the private sector and investment in more resources for investigation, especially among developing nations
# Modernisation of current processes, such as the Mutual Legal Assistance Treaty (MLAT), which allows governments to enlist the help of other government in cybercrime investigations and evidence collection
# Better collection of aggregate data by national authorities
# Standardisation of threat information and coordination of cyber security requirements to boost security in critical sectors like finance
# To implement national working group on cyber crime to maintain dedicated mechanism for the review and development of legislative responses to cyber security
police lack sufficient tools to identify offenders or deploy technical capability to remove malicious software. LEAs must have the tools needed to work with international partners in a concerted effort to tackle the cyber crime problem and prosecute the members
# Legislation to support remote access to attack other machines in preventing cyber attack
# To follow Council of Europe Convention on Cybercrime policy adapting measures to our national cyber security policy along the line of the treaty
Conclusion
An oft repeated quote in the context of the internet is that of Judge Nancy Gertner in Digital
Equipment Corp. v. Altavista Technology: “The internet has no territorial boundaries 16. To paraphrase Gertrude Stein, as far as the internet is concerned, not only is there perhaps ‘no there, there’, the ‘there’ is everywhere where there is internet access.17â€
This research paper attempts in pointing out urgent need of legislation and policy formulation in the field of cyber crime investigation. Problem of potential misuse of internet is increasing day by day, It’s important for law makers, judicial and government to ensure that law reflect updated to tackle the menace of cyber crime and it is time to gear up for law enforcement official to fight computer crime.
References
1-The Strategic Policing Requirement: An inspection of the arrangements that police forces have in place to meet the Strategic Policing Requirement, HMIC, April 2014. Available from: www.hmic.gov.uk/publication/an-inspection-of-the-arrangements-that-police-forces-have-in-place-to-meet-the-strategic-policing-requirement/
2-National Cyber Security Policy 2013
3-AusCERT, Submission 30, p.15
4-The Australian Federal Police, Supplementary Submission 25.1, pp.8,9.
5-Alexander SegerIndia and the Budapest Convention: Why not? - https://www.orfonline.org/expert-speak/india-and-the-budapest-convention-why-not/
6-Peter J. Kazdik, “Assistant Attorney General, US Department of Justice, in Letter to Joseph R. Biden, President, United States Senate,†Department of Justice, July 15, 2016, available at: https://www.aclu.org/sites/default/files/field_document/doj_legislative_proposal.pdf.
7-By Eric PesaleUpdated Criminal Procedure Rule Allows Government to Remote-Hack Computers.https://blog.logikcull.com/updated-criminal-procedure-rule-allows-government-to-remote-hack-computers
8-Drew Mitnick New U.S. CLOUD Act is a threat to global privacy. - https://www.accessnow.org/new-u-s-cloud-act-threat-global-privacy/
9-The Economic Impact of Cybercrime—No Slowing Down “McAfee Labs Threat Report,†McAfee, December 2017
10- National Capacity Strengthening to Combat Cybercrime.Madan M. Oberoi - http://www.digitalpolicy.org/national-capacity-strengthening-to-combat-cybercrime/
11- Interpol
12-National Capacity Strengthening to Combat Cybercrime.Madan M. Oberoi - http://www.digitalpolicy.org/national-capacity-strengthening-to-combat-cybercrime/
13-Tatiana Tropina cyber policing the role of the police in fighting the cyber crime. European Police Science and Research Bulletin. Special Conference Issue Nr. 2
14-Communication from the Commission to the European Parliament, the Council and the Committee of the Regions, 2007.
15-Alexander Seger. India and the Budapest Convention: Why not? - https://www.orfonline.org/expert-speak/india-and-the-budapest-convention-why-not/
16-The Indian Journal of Law and Technology Vol 6, 2010. Jurisdictional Issues in Cyberspace. Justice S. Muralidhar. 960 F. Supp. 456 (D. Mass. 1997)
17- The Indian Journal of Law and Technology Vol 6, 2010. Jurisdictional Issues in Cyberspace. Justice S. Muralidhar. 17-Id.at 462
It is now essential that police officers have the capability to deal confidently with the cyber element of crimes as it is fast becoming a dominant method in the perpetration of crime. But more than that, it is becoming a part of everything that the police have to deal with because the internet and digital technology are part of most peoples’ lives now.
After the advent of computer revolution started in India, most of our activity
Connected with the internet and we are directly and indirectly transact with the borderless Cyberworld .This paper describes the various challenges of law enforcement agencies faces in handling cyber crime, cyber crime legislative standards across jurisdictions, introduction of specialist force to combat cyber crime and finally, suggestions and conclusions are highlighted to modernise police force capacity to tackle the crime in the digital era.
Cyber crime challenges
After the number of user increased the challenges for our police force to adopt different strategies to fight crime in virtual world is need of the hour for prevention and nab the criminals involved in the cyber crime.
Financial institutions do not always report crimes committed against their customers because they are concerned about customers losing their confidence in the security of the institutions' computer systems. This makes it difficult for police forces to effectively identify and understand threats, risks and harm posed by cybercrime as they do not have all of the necessary information they need.
The complaint need to go specific cyber security cell police station not to all the police station for lodging the complaint, lack of awareness and distance factors results many cases being unreported.
Rapid deployment team
This is the newest of the national threats to require a national response by the police service. A large-scale cyber incident could be caused by either the aggregation of individual cybercrimes or the commission of a single attack.
We need to classify the threat based on the level of impact.
·Large scale incident, Terrorism, Financial institution, Threat to public law disorder, attack on government online services
·Medium scale incident – Corporate level – data theft
·Small Scale Incident – fraud, child bullying, identify fraud offences
The threat of a large-scale cyber incident is the newest of the national threats to require a national co-ordinated response by the police and the national law enforcement and intelligence agencies.1
In case of large-scale cyber incident National Level Computer Emergency Response Team (CERT-In) co-ordinate with National Critical Information Infrastructure Protection Centre,
rapid deployment team should be created in every state that connect locally, regionally, nationally to deploy at short notice to reduce the risk of disruption and improve the security posture. Rapid deployment team consists of computer specialists in cybercrime. In the form of ‘high-tech crime’ investigators who recover evidence from computers, covert internet investigators (CIIs).
Interagency cooperation
Proper co-ordination and support between the departments is necessary for uniformed operations, internal communication should be strengthen by establishing standards and mechanisms for secure information flow (while in process, handling, storage & transit), crisis management plan, proactive security posture assessment and forensically enabled information infrastructure. 2
Law enforcement powers to obtain digital evidence
When dealing with cyber crime for LEAs to be able to quickly secure digital evidence, often in multiple jurisdictions, to ensure that it is retained and the forensic quality of the evidence is preserved 3.In getting information for forensic analysis from overseas ISPs and telecommunication services is often too slow to identify an offender. Data is generally not received in time to be submitted to court.
Inconsistent legislation or a lack of cyber crime offences can also mean that individuals based overseas escape extradition and prosecution for cyber offences because there is no similar offence in the country of origin.
If international cooperation is done on a police to police basis tedious process will be changed which make it easy to obtain evidence to identify offenders fast enough to enable a prosecution 4.
For example, inconsistent telecommunications intercept data retention laws can mean that evidence that would be complexities of securing electronic evidence (e-evidence) of any type of crime or economic offence.
The National Cyber Security Policy of 2013 refers to effective law-enforcement capabilities for investigation and prosecution of cybercrime, but not to the broader issue of electronic evidence. Securing e-evidence is an increasingly complex undertaking. The sheer volume of cases involving e-evidence, the number of devices, users and victims involved, and technical complications such as encryption present major challenges.
The transnational nature of e-evidence, it may be stored in foreign jurisdictions even in cases that are otherwise fully domestic, combined with the transversal scope of e-evidence, in that any crime may entail such evidence, has implications on international cooperation in criminal matters. Most mutual legal assistance (MLA) requests for e-evidence are not related to cybercrime but to fraud and financial crimes followed by violent and serious crimes.
Given the volatility of e-evidence, the mutual legal assistance process is rather inefficient. Response times of 6–24 months to MLA requests appear to be the norm. Many requests and thus investigations are abandoned. This adversely affects the obligation of governments to protect society and individuals against cybercrime and other crime.
Securing e-evidence for criminal justice purposes is particularly challenging in the context of cloud computing where data is distributed over different services, providers, locations and often jurisdictions, and where mutual legal assistance is often not feasible. It risks failure of governments in their obligation to protect the rights of individuals and society against crimes and loss of faith in the rule of law.
Cloud computing further complicates the matter. MLA requests are about cooperation between competent authorities. But if evidence is less held on a specific device or in closed networks but is distributed over different services, providers, locations and often jurisdictions, it is difficult to identify to which authorities to send a request.
Furthermore, law-enforcement powers are tied to the principle of territoriality, meaning that a criminal justice authority can only enforce its laws, such as ordering a service provider to produce data, or searching and seizing a computer system, on its own territory 5.
The Indian Ministry of Home Affairs, which serves as the nodal agency for MLAT requests and acts as a liaison between Indian LEAs and their foreign counterparts, has often been found wanting in helping harmonise these requests with the needs of the requested state. For instance, translation of supporting documents into the language of the requested state (a mandate of the MHA under MLATs) is reported to have not been followed in some instances, resulting in the rejection of requests. In many other instances, the time taken by the MHA for review adds to an inordinate delay in the filing of these requests. Most of these problems stem from a lack of trained personnel dedicated to handling MLAT requests.
These problems, however, are not unique to India. MLATs and similar formal data sharing mechanisms are generally considered ill-suited for investigation of cybercrimes. This realisation has caused the US and UK, for instance, to negotiate a direct data sharing agreement that would allow UK LEAs to demand data directly from intermediaries holding data in the US. Asine qua nonfor this agreement is a written assessment that UK’s laws have both substantial and procedural protections for user privacy and that the government has displayed adequate respect for human rights 6. This agreement, which is likely to come into effect before the end of 2017, should substantially ease the process for obtaining electronic data for investigations for LEAs in the US and UK.
Investigative powers
Electronic communication data is essential to the successful investigation and prosecution of serious crimes (including cybercrime) to effectively prosecute online criminal activity.
A broader issue relating to cyber crime is police powers, such as “remote access powersâ€. By allowing a warrant to be obtained for remote access, law enforcement is more likely to be able to decipher encrypted data by conducting surveillance at a point between the user and the encryption interface. This would involve remotely accessing (or “hacking intoâ€) a computer via the internet to obtain transmissions of product passing over that computer at a point at which it is unencrypted.
While the FBI is only recently starting totest the boundaries of Rule 41’s amended languageRule 41(6) (a) (b) of the Federal Rules of Criminal Procedure and Clarifying Lawful Overseas Use of Data) Act (CLOUD) Bill with respect to criminal botnet investigations, because criminal suspects would often conceal the location of their computers using anonymous proxy servers and other obfuscating technology 7. India’s data protection bill should have clause based on the Bill to use on critical situation.
The bill would allow U.S. law enforcement to access data stored abroad by increasing the reach of the law that federal law enforcement uses to access data, without the cooperation of foreign governments. Law enforcement could order companies to provide data regardless of the location of the data or data subject. This would mean that U.S. courts would claim global authority.
The bill would enable agreements between the U.S. and other governments whose law enforcement would be permitted to directly request data from U.S. companies without adequate protections for user privacy 8.
Cyber security policy-2013, Criminal Procedure Code, Police act 1861 and data protection Bill is silent, hence this would require legislative amendments in Police act 1861, Criminal Procedure Code and data protection Bill by introducing new rule based on the US Rule and Bill will grant the government, Judicial and law enforcement officials greatly expanded search powers and for prosecution of online offenders.
The probability of getting arrested or going to jail is low. Not one of the perpetrators of the biggest headline-grabbing breaches has been prosecuted. Law enforcement agencies are stepping up their efforts, but many cybercriminals operate outside of their jurisdictions 9.
Furthermore, efforts have to be made to equip them with:
Adequate staff with appropriate skill sets
Infrastructure for cybercrime investigation unit
Infrastructure for cyber forensic units (to aid investigation, which would be in addition to the forensic labs to give expert opinion for evidentiary purposes)
Appropriate standard operating procedures (SOPs) 10.
Training
The police forces’ capacity and contribution to the response against the national cyber threat is currently limited to the deployment of a relatively small number of specialists, who can be used to investigate cybercrime.
Cybercrimes introduce unanticipated risks and effects, creating greater urgency to equip investigators with new skill sets. One such area is the establishment of a cloud computing training platform that comprises a networked and nodal nature, parallel to that of cyber security.
This platform can be pivotal to increase shared knowledge and skills for investigators and connect LEAs and stakeholders. This cloud-based training system could encompass functions depicted in the diagram 11.
Traditional modes of training through books, boards, PowerPoint / PDF-based approach are not very suitable for trainings to combat cybercrime. There is need for more practical training, something based on simulated environments. However, given the need of volumes, the proposed methodology should be scalable.
The challenges of cybercrime trainings can be summarised as:
Traditional PowerPoint/ PDF-based approach not very suitable
Number of officers to be trained (volume)
Inaccurate assessments of needs of LEAs
Standardised curriculum
A centralised learning platform provides users from different professions about common objectives to address cybercrimes. Standardised courses enable frontline officers, prosecutors and data analysts with varying levels of cyber knowledge to acquire a consistent overview of investigations such as digital evidence handling, intelligence development and legal procedures.
·Greater knowledge about how their roles contribute to investigations could lead to increased productivity and efficiency
·Collaborative processes among investigators could be more streamlined and integrated at a global scale through this platform.
Curriculum needs to be standardised by keeping in mind different roles of different LEAs and skill sets required for each role. A tentative list of roles would include:
·First responder officer
·Frontline officer
·General investigator
·Cybercrime investigator
·Cybercrime intelligence analyst
·Digital forensics specialist
·Head of unit: Investigation/forensics
·Senior LEA manager
1.1 Cyber Range or Simulated Cybercrime Scenarios
This is the key component of this model. Besides preparation of traditional modes of training through books, boards, power point/PDF-based approach, there is a strong need for more training based on simulated environments. This would mean creation of scenarios, including digital exhibits (logs, etc.) for extraction by trainees using forensic tools preloaded on the infrastructure, using appropriate procedures.
1.2 New modus operandi
In cyberspace, criminals keep on adopting new modus operandi every day and therefore, simulation-based training methodology has to be contemporary. To develop new scenarios, it is important to keep abreast of new modus operandi and technology trends.
This part would include:
·Knowledge exchange on current and emerging methods of operations (or modus operandi) of cybercriminals
·Within this platform, training courses could stress-test the computing skills of cybercrime experts to analyse and discern signals collected from hacker forums, internet relay chat rooms and messaging texts
·Attacks like phishing and tampering, advanced persistent threats, backend systems and reverse-engineering could be simulated.
·Combating cybercrime could take more than technical skills and require cross-disciplinary knowledge. Researchers must look at the best practices to stay ahead of hackers by understanding indicators of malware victimisation, the ecology of trust and motivation among hackers, online hacker communication and interaction styles
·Gaining practice in such knowledge exchanges could shed light on how hacker communities interact and share information, creating actionable intelligence for cybercrime investigations
·Able to develop the best science to help advance cyber security training and research
1.3. Continuous redesign for training material
·Feedback gathered from learner usage and experience must be utilised to design new knowledge capacity and material
·The modules should be developed by subject-matter-experts, ensuring quality content is constantly updated
·Training courses should be more reflective of real-world cases and incidents
·Maintain engagement with users by tapping into learners’ interests, offering appropriate challenges and increasing motivation
1.4. LEA Certifications
·This platform could allow performance-based certification to demonstrate that users know what to look for and what actions to take during a cyber incident
·Assess if knowledge or skills have been practically transferred
·Automated scoring and self-assessments in different areas of cybercrime
·Provide critical insights into the effectiveness of training platform
1.5. Environmental scanning of new technology
This platform will probe how internet-enabled technologies and wearables impact cybersecurity, policing and how crime could be conceived.
A horizontal approach should involve cyber experts and technology innovators of LEAs from different countries share their cyber investigative products and threat assessments
Police agencies should perform SWOT analysis of their cyber capabilities and identify the next steps for improvement, providing insights into the different needs and stages of cyber capacity development for individual countries Vertically, the expanse of future internet-enabled crimes could be analysed at national, regional, and international levels
1.6. Synchronised skill levels
·This platform will allow new relationships with other nodes within the networks of the cybersecurity architecture
·Effective collaboration and greater harmonisation provide a more accurate and comprehensive assessment of cyber criminality, ensuring responses are coordinated, effective and timely
·Law enforcement collaborations with the private sector to explore and design complex simulations of future communications technologies that are prone to criminal exploitation, improve cyber security skills at all levels and work with associated professions to make industry more resilient to cybercrime 12.
In addition to training opportunities, Police force needs to seek the assistance of appropriately skilled volunteers to help them improve their skills in tackling cyber threats.
Taking into account the demand for new skills to investigate crimes in cyberspace, the necessity to review policing concepts, such as the justification of a breach of public order, the applicability of techniques in policing the real world to the maintenance of order in virtual space, implementation of these instruments in a practical environment remains the highest priority 13.
Public–private partnerships
Public–private partnerships are also key in enabling a more pro-active and agile
approach to combating cybercrime. The shared responsibility and cooperation between
police and the private sector promises to be an effective way of enhancing the effectiveness of addressing cyber-related threats and also in the fight against cybercrime 14.
International agreements
International agreement is the need of the hour to address security and the rule of law in cyber world.
To overcome these challenges India should join Council of Europe’s Cybercrime Convention Committee which gives more access and Solutions to enable criminal justice access to evidence in the cloud are a priority of the committee.
The Budapest Convention provides for (i) the criminalisation of conduct, ranging from illegal access, data and systems interference to computer-related fraud and child pornography; (ii) procedural law tools to make the investigation of cybercrime and the securing of e-evidence in relation to any crime more effective; and (iii) international police and judicial cooperation on cybercrime and e-evidence.
The National Cyber Security Policy of 2013 refers to effective law-enforcement capabilities for investigation and prosecution of cybercrime, but not to the broader issue of electronic evidence.
Criminal justice authorities need access to data for use as evidence in criminal proceedings; without data, there will be no evidence, no justice and no rule of law. Increasingly, evidence in relation to any crime is stored in the electronic form on computer systems. This includes serious and violent crime, such as location data in cases of murder or rape, subscriber information related to ransom e-mails sent during kidnappings, data to identify and locate victims of child abuse or data on communications between terrorists.
It can be assumed that this is increasingly a reality in India and that a growing proportion of the more than seven million crimes recorded entail e-evidence.
The more real-world crime involves e-evidence, the greater the need for law-enforcement officers, prosecutors or judges to have the skills to deal with e-evidence. Major capacity-building within the criminal justice system is required and clear rules for access to e-evidence and its admissibility in court need to be established.
The question of procedural law powers to secure e-evidence and, by extension, efficient access to evidence in a transnational and cloud context is a complicated challenge, given the limitations of the MLA process which is normally designed to protect the rights of individuals as well as the interests of states in which evidence is located.
With participation in the Council of Europe Convention on Cybercrime would increase India’s ability to obtain international assistance from other parties to the convention in investigating potential cyber crime offences, particularly in relation to accessing telecommunications. This makes international cooperation critical to efforts to criminalise, detect, disrupt, prevent and ultimately to pursue effective law enforcement action 15.
Recommendations and conclusion
To suggest remedial measures to ensure effective prevention and control of the cyber crimes based on the study following suggestions are recommended:
# Use of Encryption Technology
# Increase number of appointment of cyber forensic consultant.
# Educating the public on cyber crimes cases
# Liberalisation of Law relating to Search and Seizure
# Development of Cyber Forensics lab and Biometric Techniques
# Need to establish a Computer Crime Research and Development Centre in every state.
# Need for Universalisation of Cyber Law
# To Combat the Menace of Cyber Terrorism increase training allocation fund once in every 2 years
# Establish Special Cyber Crime Investigation Cell for Hi-Tech Crimes every state.
# Create awareness of Cyber Crimes at the High School level
# Introduce Cyber Laws in the Curriculum in graduation level
# To develop strategies to help decrease the backlog of digital evidence, develop a mechanism to track the timelines of the cyber security team response to report of cyber crime activity
# Re Establishment of Special Cyber Courts to handle Cyber Crime case in every major cities
# View FIR functionality available on Police citizen portals as per Supreme Court guidelines
# Planting of Baits in Cyberspace for Worms and Viruses
# Use of Data Analytical tool to Regulate of Social Networking Sites
# Need for Imparting Training to Officials to Investigate Cyber Crimes
# Encouragement of Cyber Crime Victims to Lodge Complaints
# Increased international law enforcement cooperation among nations and the private sector and investment in more resources for investigation, especially among developing nations
# Modernisation of current processes, such as the Mutual Legal Assistance Treaty (MLAT), which allows governments to enlist the help of other government in cybercrime investigations and evidence collection
# Better collection of aggregate data by national authorities
# Standardisation of threat information and coordination of cyber security requirements to boost security in critical sectors like finance
# To implement national working group on cyber crime to maintain dedicated mechanism for the review and development of legislative responses to cyber security
police lack sufficient tools to identify offenders or deploy technical capability to remove malicious software. LEAs must have the tools needed to work with international partners in a concerted effort to tackle the cyber crime problem and prosecute the members
# Legislation to support remote access to attack other machines in preventing cyber attack
# To follow Council of Europe Convention on Cybercrime policy adapting measures to our national cyber security policy along the line of the treaty
Conclusion
An oft repeated quote in the context of the internet is that of Judge Nancy Gertner in Digital
Equipment Corp. v. Altavista Technology: “The internet has no territorial boundaries 16. To paraphrase Gertrude Stein, as far as the internet is concerned, not only is there perhaps ‘no there, there’, the ‘there’ is everywhere where there is internet access.17â€
This research paper attempts in pointing out urgent need of legislation and policy formulation in the field of cyber crime investigation. Problem of potential misuse of internet is increasing day by day, It’s important for law makers, judicial and government to ensure that law reflect updated to tackle the menace of cyber crime and it is time to gear up for law enforcement official to fight computer crime.
References
1-The Strategic Policing Requirement: An inspection of the arrangements that police forces have in place to meet the Strategic Policing Requirement, HMIC, April 2014. Available from: www.hmic.gov.uk/publication/an-inspection-of-the-arrangements-that-police-forces-have-in-place-to-meet-the-strategic-policing-requirement/
2-National Cyber Security Policy 2013
3-AusCERT, Submission 30, p.15
4-The Australian Federal Police, Supplementary Submission 25.1, pp.8,9.
5-Alexander SegerIndia and the Budapest Convention: Why not? - https://www.orfonline.org/expert-speak/india-and-the-budapest-convention-why-not/
6-Peter J. Kazdik, “Assistant Attorney General, US Department of Justice, in Letter to Joseph R. Biden, President, United States Senate,†Department of Justice, July 15, 2016, available at: https://www.aclu.org/sites/default/files/field_document/doj_legislative_proposal.pdf.
7-By Eric PesaleUpdated Criminal Procedure Rule Allows Government to Remote-Hack Computers.https://blog.logikcull.com/updated-criminal-procedure-rule-allows-government-to-remote-hack-computers
8-Drew Mitnick New U.S. CLOUD Act is a threat to global privacy. - https://www.accessnow.org/new-u-s-cloud-act-threat-global-privacy/
9-The Economic Impact of Cybercrime—No Slowing Down “McAfee Labs Threat Report,†McAfee, December 2017
10- National Capacity Strengthening to Combat Cybercrime.Madan M. Oberoi - http://www.digitalpolicy.org/national-capacity-strengthening-to-combat-cybercrime/
11- Interpol
12-National Capacity Strengthening to Combat Cybercrime.Madan M. Oberoi - http://www.digitalpolicy.org/national-capacity-strengthening-to-combat-cybercrime/
13-Tatiana Tropina cyber policing the role of the police in fighting the cyber crime. European Police Science and Research Bulletin. Special Conference Issue Nr. 2
14-Communication from the Commission to the European Parliament, the Council and the Committee of the Regions, 2007.
15-Alexander Seger. India and the Budapest Convention: Why not? - https://www.orfonline.org/expert-speak/india-and-the-budapest-convention-why-not/
16-The Indian Journal of Law and Technology Vol 6, 2010. Jurisdictional Issues in Cyberspace. Justice S. Muralidhar. 960 F. Supp. 456 (D. Mass. 1997)
17- The Indian Journal of Law and Technology Vol 6, 2010. Jurisdictional Issues in Cyberspace. Justice S. Muralidhar. 17-Id.at 462
Law Article in India
Legal Question & Answers
Lawyers in India - Search By City
LawArticles
How To File For Mutual Divorce In Delhi
How To File For Mutual Divorce In Delhi Mutual Consent Divorce is the Simplest Way to Obtain a D...
Increased Age For Girls Marriage
It is hoped that the Prohibition of Child Marriage (Amendment) Bill, 2021, which intends to inc...
Facade of Social Media
One may very easily get absorbed in the lives of others as one scrolls through a Facebook news ...
Section 482 CrPc - Quashing Of FIR: Guid...
The Inherent power under Section 482 in The Code Of Criminal Procedure, 1973 (37th Chapter of t...
The Uniform Civil Code (UCC) in India: A...
The Uniform Civil Code (UCC) is a concept that proposes the unification of personal laws across...
Role Of Artificial Intelligence In Legal...
Artificial intelligence (AI) is revolutionizing various sectors of the economy, and the legal i...
Please Drop Your Comments