India’s plan at UN cybercrime panel seeks right to ask data from nations
India has proposed to a UN ad hoc committee that all signatory member nations allow other countries to request phone, email and other subscriber information as well as traffic data of their residents necessary in some specific cybercrime investigations and proceedings, sources told ET.
The idea of the proposal, a senior government official said, was to develop a process that will help in cybercrime investigation and provide speedy access to data given the increasing pace of cybercrimes globally.
“The proposals are at a very preliminary stage. What we have proposed may not even make it to the final draft. Our aim is to develop a system that allows faster exchange of information, especially in cases of cybercrime,” the official said.
This will be in addition to the mutual legal assistance treaty (MLAT) between nations that allows for such exchange of data. The MLAT process, however, is often time taking.
The nature of cybercrime is such that by the time an information comes through the usual diplomatic channels, it loses relevance. The proposals made at the UN ad hoc committee meetings will allow for a more continuous flow of information, the official said.
“For any other criminal proceedings, we have to follow the usual channels of extradition and that depends on the treaties that we have with such nations,” the official said.
These proposals were made during the fifth session of the UN ad hoc committee in Vienna to elaborate on a comprehensive international convention on countering the use of information and communications technologies for criminal purposes.
It was supported by Russia but opposed by the US and a few other countries, sources present at the meeting in Vienna told ET.
In its proposal, India has also said that signatory members should “facilitate the transmission of the produced information or data” to the requesting country without any “undue delay”.
“A state party may request another state party to issue an order compelling a service provider in the requested party’s territory to produce specified and stored subscriber information, and traffic data in the possession or control of the service provider, which is necessary for the party’s specific criminal investigations or proceedings,” India’s proposal read. ET has reviewed a copy of the proposal.
Member nations that express inability to comply with the request made shall also inform the “requesting party” the reasons for the same and “specify any conditions under which it could comply,” India has said in its proposal.
The Indian delegation comprises officials from the ministries of external affairs, home affairs and electronics and information technology. Mails sent to the MEA, which is the nodal ministry, did not elicit any response.
The ad hoc committee was established by a resolution during the 74th session of the UN General Assembly (UNGA) held in January 2020.
The UNGA had then decided to establish “an open-ended ad hoc intergovernmental committee of experts, representative of all regions”, which would discuss and decide on developing an international convention to counter global cybercrime.
The ad hoc committee counts amongst its prominent members nations such as Algeria, Egypt, Nigeria, China, Japan, Estonia, Poland, Russia, Brazil, Australia, Portugal, the US, the UK, and India.
“The LEA (law enforcement agency) of any signatory member could potentially track the whereabouts of a criminal they are trying to track or establish the presence of the criminal in a certain jurisdiction. It has privacy ramifications,” said an expert who works with the government.
In an earlier session of the UN ad hoc committee meeting, India had proposed that all member nations of the committee adopt legislative and other measures which are necessary to establish offence if a person sends, using a computer or any other communication device, information that is grossly offensive or has a menacing character, or which he knows to be false, for the purpose of causing annoyance, inconvenience and danger.
The proposal is similar to Section 66A of the IT Act, which was declared unlawful by the Supreme Court of India in 2015. India later withdrew the proposal.
The Supreme Court had while striking down Section 66A of the Act said that the provision was “violative of Article 19(1)(a) and not saved under Article 19(2)”.
Article 19(1)(a) gives citizens of India the right to exercise freedom of speech and expression, while Article 19(2) says the government can impose “reasonable restrictions” on the exercise of this right by individuals.
India had then also proposed that all signatory nations develop a legislative framework that “may be necessary to empower its competent authorities to search or similarly access” any computer system or data stored within the computer system or seize such computer systems.