Cyber Intrusion in Macau: Government Websites Hacked, says Chinese state media

Introduction

The rise of misinformation, disinformation, and synthetic media content on the internet and social media platforms has raised serious concerns, emphasizing the need for responsible use of social media to maintain information accuracy and combat misinformation incidents. With online misinformation rampant all over the world, the World Economic Forum's 2024 Global Risk Report, notably ranks India amongst the highest in terms of risk of mis/disinformation. 

The widespread online misinformation on social media platforms necessitates a joint effort between tech/social media platforms and the government to counter such incidents. The Indian government is actively seeking to collaborate with tech/social media platforms to foster a safe and trustworthy digital environment and to also ensure compliance with intermediary rules and regulations. The Ministry of Information and Broadcasting has used ‘extraordinary powers’ to block certain YouTube channels, X (Twitter) & Facebook accounts, allegedly used to spread harmful misinformation. The government has issued advisories regulating deepfake and misinformation, and social media platforms initiated efforts to implement algorithmic and technical improvements to counter misinformation and secure the information landscape.

Efforts by the Government and Social Media Platforms to Combat Misinformation

1. Advisory regulating AI, deepfake and misinformation

The Ministry of Electronics and Information Technology (MeitY) issued a modified advisory on 15th March 2024, in suppression of the advisory issued on 1st March 2024. The latest advisory specifies that the platforms should inform all users about the consequences of dealing with unlawful information on platforms, including disabling access, removing non-compliant information, suspension or termination of access or usage rights of the user to their user account and imposing punishment under applicable law. The advisory necessitates identifying synthetically created content across various formats, and instructs platforms to employ labels, unique identifiers, or metadata to ensure transparency. 

2. Rules related to content regulation

The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (Updated as on 6.4.2023) have been enacted under the IT Act, 2000. These rules assign specific obligations on intermediaries as to what kind of information is to be hosted, displayed, uploaded, published, transmitted, stored or shared. The rules also specify provisions to establish a grievance redressal mechanism by platforms and remove unlawful content within stipulated time frames.

3. Counteracting misinformation during Indian elections 2024

To counter misinformation during the Indian elections the government and social media platforms made their best efforts to ensure the electoral integrity was saved from any threat of mis/disinformation. The Election Commission of India (ECI) further launched the 'Myth vs Reality Register' to combat misinformation and to ensure the integrity of the electoral process during the general elections in 2024. The ECI collaborated with Google to empower the citizenry by making it easy to find critical voting information on Google Search and YouTube. In this way, Google has supported the 2024 Indian General Election by providing high-quality information to voters and helping people navigate AI-generated content. Google connected voters to helpful information through product features that show data from trusted institutions across its portfolio. YouTube showcased election information panels, featuring content from authoritative sources.

4. YouTube and X (Twitter) new ‘Notes Feature’

• Notes Feature on YouTube: YouTube is testing an experimental feature that allows users to add notes to provide relevant, timely, and easy-to-understand context for videos. This initiative builds on previous products that display helpful information alongside videos, such as information panels and disclosure requirements when content is altered or synthetic. YouTube clarified that the pilot will be available on mobiles in the U.S. and in the English language, to start with. During this test phase, viewers, participants, and creators are invited to give feedback on the quality of the notes.
• Community Notes feature on X: Community Notes on X aims to enhance the understanding of potentially misleading posts by allowing users to add context to them. Contributors can leave notes on any post, and if enough people rate the note as helpful, it will be publicly displayed. The algorithm is open source and publicly available on GitHub, allowing anyone to audit, analyze, or suggest improvements. However, Community Notes do not represent X's viewpoint and cannot be edited or modified by their teams. A post with a Community Note will not be labelled, removed, or addressed by X unless it violates the X Rules, Terms of Service, or Privacy Policy. Failure to abide by these rules can result in removal from accessing Community Notes and/or other remediations. Users can report notes that do not comply with the rules by selecting the menu on a note and selecting ‘Report’ or using the provided form.

CyberPeace Policy Recommendations

Countering widespread online misinformation on social media platforms requires a multipronged approach that involves joint efforts from different stakeholders. Platforms should invest in state-of-the-art algorithms and technology to detect and flag suspected misleading information. They should also establish trustworthy fact-checking protocols and collaborate with expert fact-checking groups. Campaigns, seminars, and other educational materials must be encouraged by the government to increase public awareness and digital literacy about the mis/disinformation risks and impacts. Netizens should be empowered with the necessary skills and ability to discern fact and misleading information to successfully browse true information in the digital information age. The joint efforts by Government authorities, tech companies, and expert cyber security organisations are vital in promoting a secure and honest online information landscape and countering the spread of mis/disinformation. Platforms must encourage netizens/users to foster appropriate online conduct while using platforms and abiding by the terms & conditions and community guidelines of the platforms. Encouraging a culture of truth and integrity on the internet, honouring differing points of view, and confirming facts all help to create a more reliable and information-resilient environment. 

References:

1. https://www.meity.gov.in/writereaddata/files/Advisory%2015March%202024.pdf
2. https://blog.google/intl/en-in/company-news/outreach-initiatives/supporting-the-2024-indian-general-election/
3. https://blog.youtube/news-and-events/new-ways-to-offer-viewers-more-context/
4. https://help.x.com/en/using-x/community-notes

‍

Introduction

Google’s search engine is widely known for its ability to tailor its search results based on user activity, enhancing the relevance of search outcomes. Recently, Google introduced the ‘Try Without Personalisation’ feature. This feature allows users to view results independent of their prior activity. This change marks a significant shift in platform experiences, offering users more control over their search experience while addressing privacy concerns. 

However, even in this non-personalised mode, certain contextual factors including location, language, and device type, continue to influence results. This essentially provides the search with a baseline level of relevance. This feature carries significant policy implications, particularly in the areas of privacy, consumer rights, and market competition. 

Understanding the Feature

When users engage with this option of non-personalised search, it will no longer show them helpful individual results that are personalisation-dependent and will instead provide unbiased search results. Essentially,this feature provides users with neutral (non-personalised) search results by bypassing their data. 

This feature allows the following changes:

• Disables the user’s ability to find past searches in Autofill/Autocomplete.
• Does not pause or delete stored activity within a user’s Google account. Users, because of this feature, will be able to pause or delete stored activity through data and privacy controls.
• The feature doesn't delete or disable app/website preferences like language or search settings are some of the unaffected preferences.
• It also does not disable or delete the material that users save.
• When a user is signed in, they can ‘turn off the personalisation’ by clicking on the search option at the end of the webpage. These changes, offered by the feature, in functionality, have significant implications for privacy, competition, and user trust.

Policy Implications: An Analysis

This feature aligns with global privacy frameworks such as the GDPR in the EU and the DPDP Act in India. By adhering to principles like data minimisation and user consent, it offers users control over their data and the choice to enable or disable personalisation, thereby enhancing user autonomy and trust. 

However, there is a trade-off between user expectations for relevance and the impartiality of non-personalised results. Additionally, the introduction of such features may align with emerging regulations on data usage, transparency, and consent. Policymakers play a crucial role in encouraging innovations like these while ensuring they safeguard user rights and maintain a competitive market.

Conclusion and Future Outlook

Google's 'Try Without Personalisation' feature represents a pivotal moment for innovation by balancing user privacy with search functionality. By aligning with global privacy frameworks such as the GDPR and the DPDP Act, it empowers users to control their data while navigating the complex interplay between relevance and neutrality. However, its success hinges on overcoming technical hurdles, fostering user understanding, and addressing competitive and regulatory scrutiny. As digital platforms increasingly prioritise transparency, such features could redefine user expectations and regulatory standards in the evolving tech ecosystem.

References

• https://indianexpress.com/article/technology/tech-news-technology/google-search-results-try-without-personalisation-new-feature-9710243/ 
• https://support.google.com/websearch/answer/12410098?hl=en 
• https://www.theverge.com/2024/12/5/24314402/google-turn-off-personalized-search-results

Introduction 

As the world is being "Digitally Interlaced", cyber security has become a continuous wrangle. The “Gambling industry” is considered an incredibly lucrative mark for cybercriminals, principally due to the enormous quantities of cash on hand and the sensitive details it processes day to day. Cybercriminals may use susceptibilities in gambling scaffolds to achieve financial scams or launder unlawful funds. An analysis by Security Scorecard discovered that the online gambling industry was ranked third in the possibility of encountering a cyber attack, following the energy and financial services sectors. Similarly, Online gambling is a bending matter that demands meticulous contemplation by policymakers and nationals. The incredible rise of online gambling has led to a terse acclivity in unlawful activities such as online scams, fraud, etc. Also, online sports gambling has become a thriving endeavour in contemporary years as millions of people are putting stakes and gambles on their electronic devices.

The Challenges

Online gambling has thus become a widespread frolicking for numerous youngsters, with the industry tossed to be worth billions of dollars in the forthcoming decades. The prominent cyber security challenges in the gambling industry are money laundering, financial laundering, ransomware, personal information theft, data breaches, distributed Denial of Service (DDoS), system disruptions and Insider perils and employee malfeasance. Challenges of online gambling also include being properly not regulated and a lack of social interaction with near and dear ones. The spread of Internet gambling has presented many problems affecting consumer behaviour online, motivations to gamble, problem gambling, security of websites, and the righteousness and virtue of the games. The rise of online gambling among young people due to the lack of clear regulations has likewise produced an abundant backdrop for financial ruination.

Web games and betting are among the fastest-evolving areas of the Internet. Over the past several years, there has been an international flare-up in online gambling, permitting customers to play from the convenience of home, work, and public locations. Numerous offshore betting websites and apps usually permit parties to win in the start with sound returns, whereas after the user gets addicted and invests considerable sums, they either keep failing or have the website refuse to cash out the winnings. Also, the information demonstrates that online games have been employed to commit wrongdoings (Child sexual exploitive material, religious conversion, cyberbullying, fraud, betting in virtual online casinos, etc.)

India's laws and regulations surrounding online gambling are complex and constantly evolving. While the legal framework is not entirely clear, a few state in India have their own set of rules.

Recently In April 2023, the Union Ministry of Electronics and Information Technology (“MeitY”), by virtue of the rule-making powers available to the central government under the Information Technology Act, 2000 (“IT Act 2000”), implemented a new central legal framework for online gaming through amendments to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (“IT Rules 2021”).  These amendments (“Online Gaming Rules”) propose a light-touch, co-regulatory regime whereby MeitY-recognised, independent self-regulatory bodies (“SRB”) will verify whether an “online real-money game” is to be made available to the general public or not – in accordance with the baseline criteria prescribed by the Online Gaming Rules.

The Online Gaming Rules attempt to regulate online gaming platforms by treating them as an “online gaming intermediary” (“OGI”) and prescribing intermediary due diligence obligations for them under the IT Rules 2021.  An OGI has been defined in the Online Gaming Rules as “any intermediary that enables the users of its computer resource to access one or more online games”.  Under the Online Gaming Rules, an online game can be a “permissible online game” if (i) it is not an online real-money game, or (ii) it is an online real-money game but is “verified” by an SRB in accordance with the baseline criteria prescribed by the Online Gaming Rules and any additional criteria prescribed by the SRB itself.

Global Perspective

The global gaming industry worth over US$227 billion in 2022 is further projected to grow to US$312 billion by 2027. Several countries have set regulatory frameworks about online gaming, though these are skewed, concentrating mainly on gambling and circumventing numerous of the more typical cyber threats. The US spends about $60 billion annually on online gambling and sports betting. In Europe, gambling is an even larger moneymaker. Also, numerous countries in Europe, like the UK, have legalised gambling. Nevertheless, it is prohibited for a US based company to operate an online gambling site. Yet, sports betting online is permitted in some states.

Today, though the gaming market has been overpowered by China and the US, future growth in the sector is anticipated to come from emerging economies like India with increasing populations. The permitted status of online gambling in India is nonetheless imprecise, vamoosing space for exploitation by cyber criminals and disarray for players involved. One of the climactic points that ought to be addressed is the sudden upsurge of online games, which increases gambling. Skill-based games such as poker, rummy etc., have additionally been developed to circumvent the legal definition of gambling in India. The recent instances of the online gaming industry not being properly regulated have also come to light in India. For instance, the Enforcement Directorate (ED) is still investigating the vast Mahadev Online Betting scandal, exposing an unknown money laundering method using Unified Payment Interface (UPI) IDs. Also, the Cyber Cell in Agra has taken proactive action against copyright violations, illegal online gambling and betting activities, shutting down 27 Illegal cricket betting sites in major operations, safeguarding several lakhs of Indians with thousands of crores from being transferred to overseas shores principally China. 

Consequently, though India has announced new regulations on online gaming, its contemporary policy framework cannot contend with the problems endangering this sector. The Public Gambling Act of 1867 makes it unlawful to use a public gambling house or to be seen in one. Nevertheless, the act does not explicitly cite online gambling, leading to further interpretation. The Ministry of Home Affairs (MHA) has released a further awareness campaign for offshore illegal gambling apps, notifying users to be mindful of foreign apps as they may be fraudulent and might induce monetary damage to the user. Also, state laws control gambling in India with each state having its own directive on the subject.  Yet, the Supreme Court of India has maintained that skilled games are not gambling and are thus legal. Furthermore, the Information Technology (IT) Act, of 2000 does not precisely handle online gambling or games that enable gambling.

Today, developers have strived for new ways to monetise the growing popularity of online gaming, which oversaw the creation of in-game currencies that can be bought using actual money, usually through credit cards.  Several nations have prohibited the usage of in-game currency and loot boxes, considering them a kind of online gambling. The in-game currency has thus caused much disagreement about becoming a state of hunting monetisation by developers, especially targeting minor or newbie players. The gambling industry, therefore, faces unique cybersecurity challenges that require a comprehensive and proactive approach to cybersecurity.

Conclusion

Presently, there are approximately 3.09 billion active video game players worldwide, and the number is expected to reach 3.32 billion by 2024 as of 2023. In the contemporary digital era, information is priceless, and encryption acts as a necessary means to safeguard it. Thus, Regulators are working to maintain the swiftness of shift in the industry, as the dearth of transparency in the law has made it challenging to implement regulations. There is also less awareness about cyber security in India due to the following grounds such as the lack of ethical hackers in the country, companies in India lacking focus on cyber security and hiring a team of ethical hackers and cyber security experts. Furthermore, there has been a lack of knowledge among the citizens as well. 

It is essential to realise the conceivable social and economic consequences and take measures to handle the online gambling industry. The industry has thus been undersized in the mode of research following online crime and Internet gambling, even though it is an acute emphasis.  There is also a pressing necessity to rebuild these regulations to tackle the more unbridled cyber security hazards swarming the gaming industry. Similarly, there is an urgent need for governments and policymakers around the world to start paying more attention to the gaming industry as cyber security threats continue to rise. There should be a further need to strengthen the regulatory framework, establish Self Regulatory Organizations (SROs), create ethical gaming designs and increase awareness among gamers. The Government of India should consider devising its own rating system to rate games so that players under 18 cannot access them.

Eventually, cyber security is a shared commitment, and everyone in the online gambling ecosystem must function jointly to provide a secure and safe setting for all.

References:

• https://truefort.com/gambling-industry-cybersecurity/
• https://www.orfonline.org/research/cybersecurity-threats-in-online-gaming-learnings-for-india
• https://www.hackread.com/chinese-scammers-cloned-websites-gambling-network/
• https://www.civilsdaily.com/news/cybersecurity-threats-from-online-gaming/
• https://www.linkedin.com/pulse/legal-considerations-online-gambling-india-sudden-increase-mathur/
• https://www.jsheld.com/insights/articles/the-importance-of-cybersecurity-in-the-online-sports-betting-industry
• https://www.the420.in/agra-cyber-cell-takes-down-27-illegal-betting-sites/
• https://g2g.news/gaming/ministry-of-home-affairs-releases-new-awareness-campaign-for-online-gaming-in-india/
• https://smestreet.in/technology/kaspersky-warns-of-increased-phishing-scams-and-data-breaches-in-apac-for-2024-2381601
• https://economictimes.indiatimes.com/tech/newsletters/morning-dispatch/govt-bans-mahadev-other-illegal-betting-apps-cyber-attacks-against-india-spike/articleshow/104996017.cms?from=mdr
• https://cipher.com/cybersecurity-for-gambling/
• https://www.mangalorean.com/tightening-the-reins-indian-government-blocks-over-550-illegal-betting-and-gambling-apps/
• https://cybersecurityasean.com/news-press-releases/kaspersky-predicts-rise-cyber-threats-across-apac-2024
• https://www.cnbctv18.com/technology/mahadev-betting-app-scam-ed-money-laundering-upi-celebrities-under-scanner-17815661.htm
• https://iclg.com/practice-areas/gambling-laws-and-regulations/india

‍