#FactCheck - Viral image claiming to show injury marks of the MP Kangana Ranaut slapped is fake & misleading

The United Nations in December 2019 passed a resolution that established an open-ended ad hoc committee. This committee was tasked to develop a ‘comprehensive international convention on countering the use of ICTs for criminal purposes’. The UN Convention on Cybercrime is an initiative of the UN member states to foster the principles of international cooperation and establish legal frameworks to provide mechanisms for combating cybercrime. The negotiations for the convention had started in early 2022. It became the first binding international criminal justice treaty to have been negotiated in over 20 years upon its adoption by the UN General Assembly.  

This convention addresses the limitations of the Budapest Convention on Cybercrime by encircling a broader range of issues and perspectives from the member states. The UN Convention against Cybercrime will open for signature at a formal ceremony hosted in Hanoi, Viet Nam, in 2025. The convention will finally enter into force 90 days after being ratified by the 40th signatory.

Objectives and Features of the Convention

• The UN Convention against Cybercrime addresses various aspects of cybercrime. These include prevention, investigation, prosecution and international cooperation. 
• The convention aims to establish common standards for criminalising cyber offences. These include offences like hacking, identity theft, online fraud, distribution of illegal content, etc. It outlines procedural and technical measures for law enforcement agencies for effective investigation and prosecution while ensuring due process and privacy protection. 
• Emphasising the importance of cross-border collaboration among member states, the convention provides mechanisms for mutual legal assistance, extradition and sharing of information and expertise. The convention aims to enhance the capacity of developing countries to combat cybercrime through technical assistance, training, and resources. 
• It seeks to balance security measures with the protection of fundamental rights. The convention highlights the importance of safeguarding human rights and privacy in cybercrime investigations and enforcement.
• The Convention emphasises the importance of prevention through awareness campaigns, education, and the promotion of a culture of cybersecurity. It encourages collaborations through public-private partnerships to enhance cybersecurity measures and raise awareness, such as protecting vulnerable groups like children, from cyber threats and exploitation.

Key Provisions of the UN Cybercrime Convention

Some key provisions of the Convention are as follows:

• The convention differentiates cyber-dependent crimes like hacking from cyber-enabled crimes like online fraud. It defines digital evidence and establishes standards for its collection, preservation, and admissibility in legal proceedings.
• It defines offences against confidentiality, integrity, and availability of computer data and includes unauthorised access, interference with data, and system sabotage. Further, content-related offences include provisions against distributing illegal content, such as CSAM and hate speech. It criminalises offences like identity theft, online fraud and intellectual property violations.
• LEAs are provided with tools for electronic surveillance, data interception, and access to stored data, subject to judicial oversight. It outlines the mechanisms for cross-border investigations, extradition, and mutual legal assistance.
• The establishment of a central body to coordinate international efforts, share intelligence, and provide technical assistance includes the involvement of experts from various fields to advise on emerging threats, legal developments, and best practices.

Comparisons with the Budapest Convention

The Budapest Convention was adopted by the Committee of Ministers of the Council of Europe at the 109th Session on 8 November 2001. This Convention was the first international treaty that addressed internet and computer crimes. A comparison between the two Conventions is as follows:

• The global participation in the UNCC is inclusive of all UN member states whereas the latter had primarily European with some non-European signatories. 
• The scope of the UNCC is broader and covers a wide range of cyber threats and cybercrimes, whereas the Budapest convention is focused on specific offences like hacking and fraud. 
• UNCC strongly focuses on privacy and human rights protections and the Budapest Convention had limited focus on human rights.
• UNCC has extensive provisions for assistance to developing countries and this is in contrast to the Budapest Convention which did not focus much on capacity building.

Future Outlook

The development of the UNCC was a complex process. The diverse views on key issues have been noted and balancing different legal systems, cultural perspectives and policy priorities has been a challenge. The rapid technology evolution that is taking place requires the Convention to be adaptable to effectively address emerging cyber threats. Striking a balance remains a critical concern. The Convention aims to provide a blended approach to tackling cybercrime by addressing the needs of countries, both developed and developing.

Conclusion

The resolution containing the UN Convention against Cybercrime is a step in global cooperation to combat cybercrime. It was adopted without a vote by the 193-member General Assembly and is expected to enter into force 90 days after ratification by the 40th signatory. The negotiations and consultations are finalised for the Convention and it is open for adoption and ratification by member states. It seeks to provide a comprehensive legal framework that addresses the challenges posed by cyber threats while respecting human rights and promoting international collaboration. 

References

• https://consultation.dpmc.govt.nz/un-cybercrime-convention/principlesandobjectives/supporting_documents/Background.pdf 
• https://news.un.org/en/story/2024/12/1158521 
• https://www.interpol.int/en/News-and-Events/News/2024/INTERPOL-welcomes-adoption-of-UN-convention-against-cybercrime#:~:text=The%20UN%20convention%20establishes%20a,and%20grooming%3B%20and%20money%20laundering 
• https://www.cnbctv18.com/technology/united-nations-adopts-landmark-global-treaty-to-combat-cybercrime-19529854.htm 

Introduction

India & Bangladesh have adopted proactive approaches, focusing on advancing cyber capacity building in the region. Bangladeshi and Indian cybersecurity experts have emphasised the importance of continuous technology training to protect the digital space from growing cyber-attacks and threats. They call for greater collaboration to share knowledge and expertise in cyber resilience, network vulnerability, and cyber risk assessment. The Cyber-Maitree 2023 event held in Dhaka aimed to enrich and build capacity to counter cyber-attacks and threats. The senior director of India's Computer Emergency Response Team acknowledged the growing dependence on cyberspace and the need for increased preparedness as critical infrastructures, energy systems, banks, and utilities are connected to the internet. Recently, Bangladesh Cyber ​​Security Summit 2024, organised by Grameenphone, was held in Dhaka on March 5th, 2024. Such collaborative dialogues between the countries serve as a shining example of cooperation between the governments of Bangladesh and India, serving as a platform for knowledge sharing, capacity building, and international cooperation in cyber security.

Cyber Maitree held in 2023

In 2023, India and Bangladesh held  'Cyber Maitree 2023', an initiative hosted by the ICT Division of the Bangladeshi Government, to address cybersecurity challenges in a rapidly globalising world characterised by digitisation. The event, which translates to "Cyber Friendship," was an interface for cybersecurity experts and aspirants from both nations, creating an avenue for extensive training, practical exercises, and a dynamic exchange of information. We need to emphasise the importance of bolstering digital safety as both nations grapple with the rapid digitisation of the world.

India-Bangladesh joint efforts aim to fortify cyber resilience, pinpoint potential network vulnerabilities, bolster rigorous risk assessments, and illuminate the landscape of cyber threats. It encompasses various sectors, including cybersecurity, artificial intelligence, ICT, and IT-driven human resource expansion. The growing camaraderie between India and Bangladesh has been evident through strategic engagements, such as the India-Bangladesh Startup Bridge and the establishment of 12 High Tech Parks in Bangladesh.

Highlights of the India-Bangladesh MoUs for Cyber Security Cooperation

In 2017, India and Bangladesh signed a Memorandum of Understanding (MoU) focused on cyber security cooperation. 

In 2022, Both nations crafted a Memorandum of Understanding (MoU), highlighting collaboration in spheres such as e-governance, e-public service delivery, research, and development. A separate agreement was also inked focusing on mutual information sharing pertaining to cyber-attacks and incidents. The first MoU aims to provide a framework for training Bangladesh Railway employees at Indian Railways' training institutes, including field visits. The Indian Railways will coordinate with officials from the Ministry of Railways, Government of Bangladesh to improve training facilities in Bangladesh. The second MoU focuses on collaboration in IT systems, for the Bangladesh Railway. The Ministry of Railway, Government of India, will offer IT solutions for passenger ticketing, freight operations, train inquiry systems, asset management digitisation, HR and finance infrastructure. The MoUs aim to strengthen the friendship bond between India and Bangladesh and promote friendly cooperation in the railway sector.

Way Ahead

Zunaid Ahmed Palak, State Minister for Posts, Telecom and ICT, Bangladesh, has announced that Bangladesh and India will collaborate to ensure the safety of the cyber world. The two countries are expected to sign a final agreement within the next three to six months. He stressed the importance of attracting investments in the postal, telecommunication, and IT sectors. He also highlighted the strong ties between Bangladesh and India. He also announced that 12 high-tech parks will be constructed in Bangladesh with an Indian Line of Credit, starting operation by 2025. He further referred to the Indian Cyber Emergency Response Team (CERT), and said "We are very much enthusiastic in fighting against the cyber attacks and crimes as the team is now working with us". 

Bangladesh Cyber ​​Security Summit 2024

The Bangladesh Cyber Security Summit 2024, organised by Grameenphone, was held in Dhaka on 5th March 2024, focusing on cybersecurity issues and opportunities, fostering collaboration between government, private organisations, industry experts, and sponsors investing in Bangladesh's digital future.

Conclusion 

India and Bangladesh share a common vision for a secure digital future, focusing on cybersecurity collaboration to safeguard shared aspirations and empower nations to thrive in the digital age. We must emphasise the need to fortify digital defenses, leveraging expertise, innovation, and collaboration to secure interconnected futures. Collaborative relations in Information and Communication Technology and Cyber Security will strengthen digital defense and establish cyber resilience. 

References:

• https://caribbeannewsglobal.com/bangladesh-and-india-call-for-more-cyber-security-training/?amp=1
• https://www.indianewsnetwork.com/en/20231005/bangladesh-and-india-strengthen-ties-through-cyber-maitree-2023
• https://www.bssnews.net/news-flash/150763
• https://digibanglatech.news/english/bangladesh-english/125439/
• https://www.mea.gov.in/Portal/LegalTreatiesDoc/BG17B3024.pdf
• https://digibanglatech.news/english/bangladesh-english/125439/
• https://www.tbsnews.net/tech/ict/bangladesh-india-work-together-cyber-security-palak-712182

‍

Introduction

The nation got its first consolidated data protection regulation in the form of the Digital Personal Data Protection Act, 2023, in the month of August, and the Indian netizens got their independence in terms of data protection and privacy. The act lays heavy penalties for non-compliance with the provisions, and the same is under the jurisdiction of a Data Protection Board set up by the Central Government, which enjoys powers equivalent to a civil court. The act upholds the right to data privacy as the fundamental right under Article 19 (1)(A) and 21 of the Constitution of India. The same has been judicially supported in the form of the landmark judgement,  Jus. K.S Puttawamy vs. Union of India of 2018. Let us take a look at the impact the act will make on the Indian netizens. 

‍

What is Personal Data? 

Personal Data refers to any form of digitised data which can be directly replicated by any person. This includes email IDs, mobile numbers, health data, banking data, photos, etc. A person to whom the personal data belongs is called the Data Principle. A Data principle is anyone who is above the age of 18 years and consents to the data of children/minors. In the case of children/minors, it is mandatory for the parents or guardians to provide their express consent for the processing of personal data for all or any purposes. Any individual who is processing personal data is known as the Data Fiduciry, and individuals registered under the act may act as consent managers to make the consent transparent.  When it comes to the rights of the netizens, it is seen that the act is created with an aspect of  “Safety by Design” to secure the rights and responsibilities of the netizens. 

‍

Rights secured under the DPDP Act 2023

• Right to Grievance Redressal: The Data fiduciary and the consent manager are required to respond to the grievances of the Data Principal within a time period, which is soon to be prescribed, thus creating a blanket of responsibility for the data fiduciary and consent manager. 
• Right to Nominate: Data Principals have the right to nominate any other individual who shall, in the event of death or incapacity of the data principal, exercise his/her rights.  
• Right to access to information: The Data principal has the right to seek confirmation from Data fiduciaries regarding the processing of their personal data and the summary of the processed data as well. 
• Right to Erasure and Correction: Data principals can reach out to the data fiduciaries in order to exercise their right to correct, complete, update and erasure of their personal data.  
• Territorial Rights: The data is to be processed within India, and processing outside India should be in regard to the services provided in India. 
• Material Rights: The rights are applicable to any personal data collected in digitised form and also for the data collected in a non-digital form but subsequently digitised. 

Obligations for Data Fiduciaries 

The data fiduciaries are mandated to oblige with the following provisions in order to maintain compliance with the laws of the land and by securing the Digital rights of the netizens. 

These are the obligations of the data fiduciaries: 

• Implement technical and organisational measures to safeguard Personal Data. 
• Determine the legal grounds for processing and obtaining consent from Data principals where required. 
• Provide a privacy notice while obtaining consent from Data principals. 
• Implement a mechanism for data principals to exercise their rights.
• Implement a grievance redressal mechanism for handling the queries from Data principals. 
• Irrecoverably delete personal data after the purpose for which it was collected has expired or when the consent has been withdrawn. 
• Have a breach management policy to notify the data protection board and the data principals in accordance with prescribed timelines. 
• Sign a valid contract with Data processors to ensure key obligations are abided by them, including timely deletion of data. 

Conclusion 

As the world steps into the digital age, it is pertinent for the governments of the world to come up with efficient and effective legislation to protect cyber rights and responsibilities, but as cyberspace has no boundaries, nations need to work in synergy to protect their cyber interests and netizens. This can only begin once all nations have indigenous Cyber laws and rights to protect netizens, and the same has been addressed by the Indian Government in the form of the Digital Perosnl Data Protection Act, 2023. The future is full of emerging technologies and the evolution of cyber laws; hence, consolidating a basic legal structure now is of utmost importance and the same is expected to be strengthened in India by the soon-to-be-released Draft Digital India Bill.  

‍