Cyber Law observers in India are waiting for the release of the draft of the amendments proposed to Information Technology Act 2000 which is expected to be passed in the current month. One of the amendments keenly awaited is the definition of “Cyber Terrorism” as an offence and the punishment that may be fixed for the same.

The Indian National Cyber Security Forum (INCSF) in its first formal meeting on 6th December 2008 at Bangalore debated on how Cyber Terrorism needs to be defined in India.

As we are aware, if “Cyber Terrorism” is defined as ” An act of Terrorism committed using Computers”, it would make no sense since this is already covered by the regular penal law of the country. ITA 2000 already has given evidentiary value to electronic documents and hence any offence under IPC committed using electronic document can be recognized under IPC and prosecuted using the electronic evidence.

What we therefore require is that class of offences which cause “Terror in Cyber Space” which is not covered under IPC and though covered under say Section 66 of ITA 2000 as “Hacking” may require a stronger sentence.

It may be observed that FBI has defined Cyber Terrorism in USA  as ” Any premeditated, politically motivated attack against information, computer systems, computer programs and data which results in violence against non-combatant targets by sub-national groups or clandestine agents”.

Also, US National Infrastructure Protection Center defines “Cyber Terrorism” as ” A criminal act perpetrated by the use of computers and telecommunication capabilities, resulting in violence, destruction and/or disruption of services, to create fear by causing confusion and uncertainty within a given population with the goal of influencing a government or population to conform to particular political, social or ideological agenda”.

 We can notice that the FBI definition is restricted to  “Violence” and “Political agenda”. The definition of the US National Infrastructure Protection Center expands the FBI definition. However both of them  appear to re define the offence already recognized under common law to the use of computers.

The Indian definition should therefore be different. The undersigned suggests that the definition may be considered on the following lines.

Cyber Terrorism means:

Using or Causing a  Computer, Mobile or any  or any associated device or an Electronic Document

 to intimidate or coerce the Government, its civilian population, or any segment thereof,  of India or its friendly countries

to create disharmony in the Indian society or the society of any of the friendly countries

to create destabilization of the economy or any segment there of either on the physical space or cyber space in India or in any of the friendly countries

 in furtherance of political, religious or social objectives or to harm the community injuriously by any means.

or any attempt thereof, or providing any assistance thereof. 

Explanation: ” Friendly countries” under this section means those countries declared as “Friendly countries for the purpose of this act” through a gazette notification and with whom India has a mutual Cyber Terrorism Resistance Treaty.

This definition tries to address the issues such as use of Internet for propaganda, spreading of rumours, training of terrorists etc and also extends it to the commission of the offence across the borders. 

Afterall what distinguishes Cyber Terrorism from normal terrorism is that the terrorist mostly remains on a foreign soil and launches the attack on the country. Hence the cross border recognition is considered essential. It may also help other countries to have similar provisions and help in extradition process where required.

Similarly, the actions which do not fall under the category of “Violence” in physical sense is the action which needs to be curtailed on the Internet space. Rendering Financial support, web hosting support, anonymizer services etc need to be brought under the definition of Cyber Terrorism and hence these have been incorporated in the suggested definition.

The next important issue is to decide the quantum of punishment. Since a terrorist act using computers is already considered a serious crime for which death penalty or life imprisonment can be imposed, there is no other option but to provide similar penalty for Cyber Terrorism also.

It may be recalled that Paksitan already has death penalty and life imprisonment for Cyber Terrorism and hence India should not hesitate to go ahead with such a stringent legislation.

But.. the million dollar question is “Is the Government of India serious enough in its fight against Terrorism or Bold enough to adopt such a definition? or Penalty”.

INCSF would urge the Government to muster enough wisdom and courage for  a bold definition of Cyber Terrorism.

I would also urge the Members of Parliament of all parties and particularly from BJP to ensure that when the ITA 2000 amenement Bill 2006 is presented, they would ensure that “Cyber Terrorism” is confronted with a strong legislation.

Naavi of Naavi.org

Be Sociable, Share!