Friday, March 8, 2013

Central Monitoring System (CMS) For Telephone Tapping In India

The Central Monitoring System (CMS) Project of India is a “centralised mechanism” where telecommunications and Internet communications can be analysed by the Indian Government and its Agencies.

The CMS project of India is a good and ambitious project that is required to manage national security and law and enforcement requirements of the country. However, adequate “procedural safeguards” must also be established in the system so that it is not abused for political and personal reasons.

The telephone tapping laws in India are already weak and violative of constitutional protections. We are still following the colonial telegraph act that requires an urgent repeal. Further, the information technology amendment act 2008 made e-surveillance in India a regular phenomenon. The big brother in India must not overstep the limits.

We at Perry4Law Organisation and Perry4Law’s Techno Legal Base (PTLB) believe that a holistic and comprehensive law on telephone tapping in India as well as governing related aspects must be formulated in India. For instance, the cell site data location laws in India and privacy issues must also be covered by the proposed law. Similarly, the cell site location based e-surveillance in India and surveillance of internet traffic in India must also be part and parcel of the new legislation.

A national e-surveillance policy of India must be formulated that should cover both policy and legislative issues pertaining to CMS project and telephone tapping relating issues. Call data record (CDRs) must also be regulated and protected by adequate and strong laws.

Indian government has already started working in the direction of making the CMS project operation in the month of April 2013. A new mechanism will be put in place by the Indian government to eliminate the loopholes in authorised phone tapping by intelligence and enforcement agencies.

Under the proposed framework, a centralised mechanism would be adopted where the need to approach individual telecom service providers would be obviated. This would exclude the interaction with these service providers and make the entire process of telephone tapping more secure and leak proof. However, this would also result in abusing the telephone tapping mechanisms in the absence of adequate procedural safeguards.

The CMS project would be brought under the Department of Telecom (DoT) and will be manned by the Intelligence Bureau (IB). Some procedural changes have also been introduced in this process. For instance, a clear electronic audit trail of the phones tapped would be maintained. This would eliminate the traditional paper based trail procedure that is cumbersome and prone to leak. The entire phone-tapping system will also move to an electronic platform from the current manual system.

The CMS project, based in New Delhi, would also have four hubs in major cities of India. Proposal to curtail the discretionary power of agencies to listen into phone calls may also be implemented. The telegraph act may be suitable amended to reflect these changes.

As per the present regulatory framework, in cases of urgency the agencies can tap phones for seven days without obtaining permission. With the migration to electronic platform and adoption of CMS project, the request for sanctions will also be sent electronically which will cut down the time to obtain permission.

At Perry4Law and PTLB we believe that it would be even better if we ensure parliamentary oversight of intelligence agencies of India as well. Further, we also believe that it is high time to formulate a comprehensive and holistic telephone tapping and related law for India. We also understand that this is a very difficult and delicate task and may face stiff resistance from various quarters but the tough call has to be taken by Indian government immediately.

Saturday, March 2, 2013

The Hacker News: Security In A Serious Way

If you are interested in reading serious cyber security and related news and views, the Hacker News is one of the best sources for the same. The security portal is also providing a magazine on this topic that is also of good quality.

The Hacker News (THN) is a privately owned Indian company based out of New Delhi, India and has been providing training and knowledge-based solutions since October 2011.

Originally founded in November 2010 by Mr. Mohit Kumar, The Hacker News has been internationally recognised as a leading news source dedicated to promoting awareness for security experts and hackers.

Supported and endorsed by administrators and members of various underground hacking groups and communities worldwide, The Hacker News (THN) has become a worldwide leader in information security.