Dealing with digital invasion of privacy
Renu Sud Sinha
“THe Internet has become the central lifeline of our day-to-day life that we can’t leave. The best thing is to sensitise your wards, family, everyone about how to deal with the dangers of intrusion into your privacy by the electronic devices and your mobile phones,” says cyber-security law expert Pavan Duggal.
Checks and balances
- Senior Supreme Court advocate Vibha Datta Makhija suggests common toilets to be device-free zones in educational institutions, hostels. Students should be part of awareness and action committees in colleges and universities as part of a safe digital eco-system.
- India’s foremost cyber security expert Pavan Duggal advises: Be careful of the data you share. Be vigilant in public changing rooms and common or shared bathrooms, don’t get mobiles in these areas. Avoid capturing your private moments and private parts on camera or mobile and try to share information with whom you trust. Even after all precautions, if any breach happens, report immediately to police.
- Rohit Shekhar Sharma, a cyber crime expert with Chandigarh Police’s cyber cell, suggests an anti-privacy law on lines of the anti-ragging law, as the present IT Act is not stringent enough to deal with invasion of privacy.
The recent Chandigarh University video leak case has brought into focus the issue of privacy invasion in the digital age. A Supreme Court of India decision (2017) holds that the right to privacy is a fundamental right under Articles 14, 19 and 21 of the Constitution.
“The problem is that everyone has become complacent. We have begun to take the Internet for granted but forget that it never forgets. To add to that, voyeurism has become an important element in Indian society that has actually become a recording society — everyone is recording information for whatever reasons and vomiting data about personal and professional life without thinking about the legal ramifications or impact on their privacy,” adds Duggal.
Ketan Bansal, SP (Operation & Cyber), Chandigarh, agrees with Duggal’s views. “There is over-sharing of information on social media sites.” That’s because there are hardly any boundaries left about breach of privacy, says Delhi-based Vibha Datta Makhija, a senior advocate practising in the Supreme Court.
In Himachal Pradesh, cyber crime cases have gone up in the past two to three years, particularly during the lockdown, says Narvir Singh Rathaur, Additional SP, cyber crime, Shimla.
As many as 6,258 and 6,207 cyber complaints were received in 2020 and 2021, respectively, as compared to 2,914 in 2019. “Cyber crime against women such as blackmailing and threatening, stalking, defamation, morphing, fake profiles and sextortion cases was roughly 15 per cent of the total cases,” adds Rathaur.
A high conviction rate would have acted as a deterrent, but it remains quite low.
“Almost all social media sites have their offices and servers in other countries. Most of the time there is a delay in providing information to us,” says the HP cyber cop.
So what’s the way forward? “People have to be trained to protect their privacy and data more fiercely than their money,” says Duggal.
The key lies in creating awareness and sensitising people about cyber security, says Prajakta Ahvad, a Chandigarh-based lawyer who also runs an NGO that works on gender based issues and related problems. “Law definitely provides a remedy but prevention is more important and that can come only through education,” says Makhija.
Awareness is needed for all stakeholders. “All educational institutions should have clear-cut gender sensitisation programmes, orientations or workshops for everyone, including faculty, support staff and students,” adds the SC lawyer.
“There should also be a student code of conduct in the prospectus as well as clearly-defined disciplinary action in case that code is breached. Most universities abroad conduct a sensitisation test for students. Something similar should be adopted by Indian universities. That’s the only way students can make informed choices,” says Makhija.
Institutions are usually not party to the crime but they must have a proactive grievance mechanism in place. “Shutting down institutions is not the solution. The trouble could have been avoided in this instance if the university had appointed a grievance and a nodal officer to deal with such cases, as is mandatory under the Information Technology Rules, 2021. When parents send their wards to a university or educational institution, it is with implicit presumption that their personal and data privacy will be secured. If there is an invasion, it is the primary duty of the institution to investigate, fix responsibility and take action,” says Duggal.
“The reality, however, is that there is a huge gap in providing the right kind of information and institutions are also not well informed. They are hesitant in creating awareness as they feel it will only add shame to the institution’s name. And that’s the reason they don’t want people to become aware about the mechanism in jurisprudence to protect their rights at the workplace,” says Sagina Walyat, an advocate at the Punjab and Haryana High Court.
The responsibility and onus of personal safety and security should lie with the individual, too. “Caution, due diligence, having appropriate cyber hygiene will have to be the guiding factors. Cyber security education should become part of the school curriculum from first standard because we begin to give devices and mobile phones to children at an early age. Capacity building and a holistic approach with contributions by all has to be the way forward,” adds Duggal.
Capacity building and awareness is necessary because sometimes even cops are not aware of the cyber laws, says Chandigarh-based lawyer Rohit Shekhar Sharma, a voluntary cyber crime expert with Chandigarh Police’s cyber cell.
To check the rising graph of cyber crime, HP Police is focusing on in-house capacity building and training of its personnel, that includes online and offline courses offered by the MHA. There are three dedicated cyber police stations in the state — at Shimla, Dharamsala and Mandi. At least 25 more cops have been attached to an allocated staff strength of 15 that includes eight women. From its social media sites to holding nukkad nataks to talk shows on radio stations, the HP Police has been creating awareness among people, adds Rathaur.
Chandigarh Police started a Cyber Swachhta Mission last year as part of its community outreach initiative to inculcate cyber hygiene and spread awareness among citizens. Students from local colleges and universities are being trained in cyber security by experts and police officials as part of an internship programme under the mission. Ironically, Chandigarh University is one of the nine universities whose students have been enrolled for the second batch of 389 interns this year. It also holds awareness workshops in colleges across the city.
While this capacity building will help check cyber crime to a large extent, the existing law needs to be massively overhauled. “The IT Act was enacted in 2000 and amended in 2008. Fourteen years have passed since and technology has made rapid advances,” says Duggal.
“We also need to sensitise law-enforcement agencies that they need to have a citizen-friendly approach rather than treating the complainant, mostly a woman, as the offender. Most women are afraid to report cyber crimes because of the fear of harassment and insensitive repeated questioning. This is one of the major reasons behind under-reporting of such cases,” he adds.
Chandigarh Police has woman and cyber desks in all its police stations. It also takes helps from counsellors in dealing with women victims/complainants, adds Bansal.
“Indian society is still very patriarchal. People tend to see a woman, who reports such an act, as complicit in that crime. The system should provide confidence and comfort and that comes from anonymity if we want to encourage women to report and not remain silent victims,” says Duggal.
Walyat, however, points out: “Initially, anonymity was a means to empower women to report sexual-abuse crimes.”
Ahvad is quick to add that even in present times, the tendency of society still is not just shaming the victim, but also making it a permanent life-long guilt.
“More victim shaming means less reporting of such cases. That is the reason identity must be protected so as to strengthen the reporting process,” says Makhija.
DSP Palak Goel of Chandigarh Police, who is part of awareness workshops in colleges and schools of the city, says their message to girls is to not blame themselves if any such incident happens and come forward without feeling any guilt.
Under the IT Act, 2000, that deals with cybercrime and electronic commerce, offenders can be imprisoned up to three years, along with/or fine up to Rs 2,00,000. “The law needs to be more stringent. Section 66 (E) of the IT Act should be made a non-bailable offence, to provide effective protection to women and to give a message of deterrence. Imagine, someone captures images of private parts of a woman and that’s a bailable offence,” says Duggal.
Most experts also advocate media literacy as part of awareness. The media should be sensitive in reporting such matters and should take utmost care about not naming the victim/complainant and effectively blurring the pictures, if using.
Awareness, sensitisation and implementation remain the buzzwords if we need to adopt cyber security and cyber hygiene methodology as a way of life.