Centre for Internet & Society

India's surveillance system fails to track the servers of internet giants like Google or Facebook because these do not have servers in the country, says a leading cyber law expert.

The article by Anita Babu was published in the Business Standard on December 26, 2014. Sunil Abraham gave his inputs.

Back in 2009, after the investigation team, probing into the 26/11 Mumbai terror attacks, almost cracked the case, it was the US’s Federal Bureau of Investigation (FBI) which connected the missing links by arresting David Headley, the mastermind.

Five years later, India staring at a similar situation, when Bengaluru-based Mehdi Masroor Biswas, was allegedly found to be operating a pro-ISIS (Islamic State) handle. It was a British broadcaster, Channel 4, which blew the lid off Biswas’s activity. Soon after the report, Indian authorities swung into action.  Last year, when communal violence broke out in some parts of Uttar Pradesh, a Pakistani news organisation reported that a fake video was being circulated to fan sentiments.

But, why have Indian agencies failed to detect such activities which pose a threat to the national security? A senior government official said intelligence agencies in the country scan the internet for leads. But, in the light of increased threats, systems need to be beefed up significantly.  Perhaps, as a first step towards this, the home ministry on Wednesday formed a committee to prepare a road map for tackling cyber crimes in the country.

It will give suitable recommendations on all facets of cyber crime, apart from suggesting possible partnerships with public and private sector, non-governmental organisations and international bodies.

According to Sunil Abraham, executive director of a Bengaluru-based research organisation, the Centre for Internet and Society, it’s time we move closer towards intelligent and targeted surveillance, rather than mass surveillance. This will require monitoring a selected accounts or profiles, instead of tapping information from across the population. Old-fashioned detective work is also very important, as it has helped zero in on Biswas.

Another problem the country faces is that a lot of data is being pooled in by multiple agencies, but of little use. “We must free up our law enforcement agencies and intelligence services from the curse of having too much data,” Abraham adds. Since most of the internet companies are headquartered outside India, the authorities face a lot of difficulties in accessing information from these networks.

“India’s surveillance system fails to track the servers of internet giants like or because these do not have servers in the country. Our system is only confined within the country,” says Pavan Duggal, a leading cyber law expert.

Since the US has the capability to access information from telecom companies, service providers such as Twitter and Facebook and the consortia that run submarine cables, these companies cooperate in a much more effective and immediate manner, adds Abraham. “But these are things that we will never be able to do in India,” he adds.

For instance, India follows the mutual legal assistance treaty procedure, to gather and exchange information in an effort to enforce public laws or criminal laws. However, this is a time-consuming process and often takes up to two years before we get any data from these companies.

But due to the threat of cyber-terrorism being shared by both companies and governments, companies such as Google, Twitter and Facebook are cooperating more than before, experts say.

Internet and Jurisdiction Project, an international group that works towards ensuring digital coexistence, tries to get a procedural law between two countries in a harmonised manner and includes collection, storage, handling and processing of evidence.

More lubricating efforts should be undertaken internationally on these lines, say experts. Hopefully, the new committee will take steps in this direction.

Filed under: