Honouring UN Peacekeepers: Safeguarding Peace in a Changing World

Introduction

The government has announced that the new criminal laws will come into force on 1st July 2024. The Union Government notified that three recently enacted criminal laws, viz. Bhartiya Nyaya Sanhita 2023, Bharatiya Nagarik Suraksha Sanhita 2023, and Bharatiya Sakshya Adhiniyam 2023 will be effective from 1st July 2024.  The Indian Penal Code 1860, Code of Criminal Procedure 1973, and Indian Evidence Act 1872 have been replaced by these new criminal laws.

On 23 February 2024, the Ministry of Home Affairs Announced the Effective Date of new criminal laws as follows:

1. Bharatiya Nyaya Sanhita, 2023 Effective from 1-7-2024, except Section 106(2).
2. Bharatiya Sakshya Adhiniyam, 2023 Effective from 1-7-2024.
3. Bharatiya Nagarik Suraksha Sanhita, 2023 The provisions will come into force on 1-7-2024 except the provisions of the entry relating to section 106(2) of the Bharatiya Nyaya Sanhita, 2023, in the First Schedule.

Section 106(2) Will Not Be Enforced

Truckers protested against this provision, which provides 10 years imprisonment and fines for those who cause death by rash and negligent driving of a vehicle not amounting to culpable homicide, and escape without reporting it to a police officer. As of now, the government has promised truckers and transporters that subsection 2 of Section 106 of Bharatiya Nyay Sanhita (BNS) will not come into force. This subsection deals with fatal hit-and-run cases and prescribes higher penalties for not informing authorities immediately after an accident. 

Section 106(2) of Bharatiya Nyaya Sanhita, 2023 read as follows;

106. Causing death by negligence.—

(2) Whoever causes death of any person by rash and negligent driving of vehicle not amounting to culpable homicide, and escapes without reporting it to a police officer or a Magistrate soon after the incident, shall be punished with imprisonment of either description of aterm which may extend to ten years, and shall also be liable to fine.

BHARATIYA SAKSHYA ADHINIYAM, 2023

The Bhartiya Sakshya Adhiniyam 2023 will replace the Indian Evidence Act 1872. The Act has undergone significant modification to maintain its fundamental principles for fair legal proceedings and adapt to technological advancements and changes in societal norms. This Act recognises electronic records as primary evidence under Section 57. It also allows the electronic presentation of oral evidence, enabling remote testimony and ensuring that electronic records will have the same legal effect as paper records.

Bharatiya Nagarik Suraksha Sanhita, 2023

The Bharatiya Nagarik Suraksha Sanhita, 2023 replaces the 1973 Code of Criminal Procedure, introducing certain modifications. This Act, under section 176, requires forensic investigation for crimes punished with seven years' imprisonment or more.  Section 530 of BNSS, 2023 is a newly inserted provision which envisages the use of electronic communication audio-video electronic means for trials, inquiries, proceedings, service and issuance of summons. Electronic mode is permitted for all trials, inquiries, and proceedings under section 173 of this Act. The concept of Zero FIR is also introduced under section 173(1) and mandates police stations to register the FIR, irrespective of jurisdiction.

Conclusion

India's new criminal laws are set to take effect on 1st July 2024. These laws modernise the country's legal framework, replacing outdated statutes and incorporating technological advancements. The concerns from stakeholders led to the withholding of enforcement of Section 106(2) of Bharatiya Nyaya Sanhita 2023. The new criminal laws aim to address contemporary society's complexities while upholding justice and fairness.

References

• https://www.indiatoday.in/india/video/new-criminal-laws-to-come-into-effect-from-july-1-2506664-2024-02-24
• https://www.lawrbit.com/article/ipc-crpc-evidence-act-replaced-by-new-criminal-laws/

‍

The Digital Personal Data Protection (DPDP) Act, 2023, operationalises data privacy largely through a consent management framework. It aims to give data principles, ie, individuals, control over their personal data by giving them the power to track, change, and withdraw their consent from its processing. However, in practice, consent management is often not straightforward. For example, people may be frequently bombarded with requests, which can lead to fatigue and eventual overlooking of consent requests. This article discusses the way consent management is handled by the DPDP Act, and looks at how India can design the system to genuinely empower users while holding organisations accountable.

‍

Consent Management in the DPDP Act

‍

According to the DPDP Act, consent must be unambiguous, free, specific, and informed. It must also be easy for people to revoke their consent (DPO India, 2023). To this end, the Act creates Consent Managers- registered middlemen- who serve as a link between users and data custodians. 

The purpose of consent managers is to streamline and centralise the consent procedure. Users can view, grant, update, or revoke consent across various platforms using the dashboards they offer. They hope to improve transparency and lessen the strain on people to keep track of permissions across different services by standardising the way consent is presented (IAPP, 2024).

The Act draws inspiration from international frameworks such as the GDPR (General Data Protection Regulation), mandating that Indian users be provided with a single platform to manage permissions rather than having to deal with dispersed consent prompts from every service.

‍

The Challenges 

‍

Despite the mandate for an interoperable platform for consent management, several key challenges emerge. There is a lack of clarity on how consent management will be operationalised. This creates challenges of accountability and implementation.  Thus, : 

1. If the interface is poorly designed,  users could be bombarded with content permissions from apps/platforms/ services that are not fully compliant with the platform. 
2. If consent notices are vague, frequent, lengthy, or complex, users may continue to grant permissions without meaningful engagement. 
3. It leaves scope for data fiduciaries to use dark patterns to coerce customers into granting consent through poor UI/UX design.
4. The lack of clear, standardised interoperability protocols across sectors could lead to a fragmented system, undermining the goal of a single, easy-to-use platform.
5. Consent fatigue could easily appear in India's digital ecosystem, where apps, e-commerce websites, and government services all ask for permissions from over 950 million internet subscribers. Experiences from GDPR countries show that users who are repeatedly prompted eventually become banner blind, which causes them to ignore notices entirely.
6. Low levels of literacy (including digital literacy) and unequal access to digital devices among women and marginalised communities create complexities in the substantive coverage of privacy rights.  
7. Placing the burden of verification of legal guardianship for children and persons with disabilities (PwDs) on data fiduciaries might be ineffective, as SMEs may lack the resources to undertake this activity. This could create new forms of vulnerability for the two groups. 

Legal experts claim that this results in what they refer to as a legal fiction, wherein consent is treated as valid by the law despite the fact that it does not represent true understanding or choice (Lawvs, 2023). Additionally, research indicates that users hardly ever read privacy policies in their entirety. People are very likely to tick boxes without fully understanding what they are agreeing to. By drastically limiting user control, this has a bearing on the privacy rights of Indian citizens and residents.  (IJLLR, 2023).

‍

Impacts of Weak Consent Management:

‍

According to the Indian Journal of Law and Technology, in an era of asymmetry and information overload, privacy cannot be sufficiently protected by relying only on consent (IJLT, 2023). Almost every individual will be impacted by inadequate consent management.

1. For Users: True autonomy is replaced by the appearance of control. Individuals may unintentionally disclose private information, which undermines confidence in digital services.
2. For Businesses: Compliance could become a mere formality. Further, if acquired consent is found to be manipulated or invalid, it creates space for legal risks and reputational damage. 
3. For Regulators: It becomes difficult to oversee a system where consent is frequently disregarded or misinterpreted. When consent is merely formal, the law's promise to protect personal information is undermined.

‍

Way Forward

‍

1. Layered and Simplified Notices: Simple language and layers of visual cues should be used in consent requests. Important details like the type of data being gathered, its intended use, and its duration should be made clear up front. Additional explanations are available for users who would like more information. This method enhances comprehension and lessens cognitive overload (Lawvs, 2023).
2. Effective Dashboards: Dashboards from consent managers should be user-friendly, cross-platform, and multilingual. Management is made simple by features like alerts, one-click withdrawal or modification, and summaries of active permissions. The system is more predictable and dependable when all services use the same format, which also reduces confusion (IAPP, 2024). 
3. Dynamic and Contextual Consent: Instead of appearing as generic pop-ups, consent requests should show up when they are pertinent to a user's actions. Users can make well-informed decisions without feeling overburdened by subtle cues, such as emphasising risks when sensitive data is requested (IJLLR, 2023). 
4. Accountability of Consent Managers: Organisations that offer consent management services must be accountable and independent, through clear certification, auditing, and specific legal accountability frameworks. Even when formal consent is given, strong trustee accountability guarantees that data is not misused (IJLT, 2023).
5. Complementary Protections Beyond Consent: Consent continues to be crucial, but some high-risk data processing might call for extra protections. These may consist of increased responsibilities for fiduciaries or proportionality checks. These steps improve people's general protection and lessen the need for frequent consent requests (IJLLR, 2023).

‍

Conclusion

‍

The core of the DPDP Act is to empower users to have control over their data through measures such as consent management. But requesting consent is insufficient; the system must make it simple for people to manage, monitor, and change it. Effectively designed, managed, and executed consent management has the potential to revolutionise user experience and trust in India's digital ecosystem if it is implemented carefully.To make consent management genuinely meaningful, it is imperative to standardise procedures, hold fiduciaries accountable, simplify interfaces, and investigate supplementary protections.

‍

References

‍

Building Trust with Technology: Consent Management Under India’s DPDP Act, 2023

Consent Fatigue and Data Protection Laws: Is ‘Informed Consent’ a Legal Fiction

Beyond Consent: Enhancing India's Digital Personal Data Protection Framework

Constitutional Implications Of Consent Fatigue In Data Protection: Rethinking Meaningful Consent In The Indian Context 

Top 10 operational impacts of India’s DPDPA – Consent management

‍

Introduction

In recent years, the city of Hyderabad/Cyberabad has emerged as a technology hub, a place with the strong presence of multi corporations, Startups, and research institutions, Hyderabad has become a hub of innovations and technological advancement. However, this growing land of cyber opportunities has also become a hub for cybercriminals as well. In this blog post, we shall explore the reasons why professionals are being targeted and the effects of cyber fraud on techies. Through this investigation, we hope to raise awareness about the seriousness of the problem as well as give vital insights and techniques for Cyberabad’s computer workers to defend themselves against cyber theft. We can work together to make Cyberabad’s technology ecosystem safer and more secure.

Defining Cyber Fraud

In today’s age, where everything has an interconnected digital world, cyber fraud cases are increasing daily. Cyber fraud encompasses a wide range of threats and techniques employed by bad actors, such as Phishing, Ransomware, identity theft, online scams, data breaches, and fake websites designed for users. The sophistication of cyber fraud techniques is constantly evolving, making it challenging for individuals and organisations to stay ahead. Cybercriminals use software vulnerabilities, social engineering tactics, and flaws in cybersecurity defences to carry out their harmful operations. Individuals and organisations must grasp these dangers and tactics to protect themselves against cyber fraud.

Impact of Cyber Frauds

The consequences of Falling victim to cyber fraud can be devastating, both personally and professionally. The emotional and financial toll on individuals may be a challenge. Identity theft may lead to damaged credit scores, fraudulent transactions, and years of recovery work to rehabilitate one’s image. Financial fraud can result in depleted bank accounts, unauthorised charges, and substantial monetary losses. Furthermore, being tricked and violated in the digital environment can generate anxiety, tension, and a lack of confidence.

The impact of cyber fraud goes beyond immediate financial losses and can have long-term consequences for individuals’ and organisations’ entire well-being and stability. As the threat environment evolves, it is critical for people and organisations to recognise the gravity of these repercussions and take proactive actions to protect themselves against cyber theft.

Why are Cyberabad Tech Professionals Targeted?

Tech professionals in Cyberabad are particularly vulnerable to cyber due to various factors. Firstly, their expertise and knowledge in technology make them attractive targets for cybercrooks. These professionals possess valuable coding, Software, and administration skills, making them attractive to cybercriminals.

Secondly, the nature of work often involves enormous use of technology, including regular internet contacts, email exchanges, and access to private information. This expanded digital presence exposes them to possible cyber dangers and makes them more vulnerable to fraudsters’ social engineering efforts. Furthermore, the fast-moving nature of the tech industry, with many deadlines and work pressure to deliver, can create a distraction. This can let them click on some malicious links or share sensitive information unknowingly all these factors let the cyber criminals exploit vulnerabilities.

Unveiling the Statistics

According to various reports, 80% of cyber fraud victims in Hyderabad are techies; the rest are the public targeted by cyber crooks. This surprising number emphasises the critical need to address the vulnerabilities and threats this specific segment within the IT community faces.

Going further into the data, we can acquire insights into the many forms of cyber fraud targeting tech workers, the strategies used by cybercriminals, and the impact these occurrences have on individuals and organisations. Examining precise features and patterns within data might give important information for developing successful preventative and protection methods.

Factors Contributing

Several reasons contribute to the elevated risk of cyber fraud among ICT professionals in Cyberabad. Understanding these aspects helps explain why this group is specifically targeted and may be more vulnerable to such assaults.

Technical Expertise: Tech workers frequently have specialised technical knowledge, but this knowledge may only sometimes extend to cybersecurity. Their primary concentration is writing software, designing systems, or implementing technologies, which may result in missing possible vulnerabilities or a lack of overall cybersecurity understanding.

Confidence in Technology: IT workers have a higher level of confidence in technology because of their knowledge and dependence on technology. This trust can sometimes make individuals more vulnerable to sophisticated frauds or social engineering approaches that prey on their faith in the services they utilise.

Time Constraints and Pressure: Tech workers frequently operate under tight deadlines and tremendous pressure to reach project milestones. This may result in hurried decision-making or disregarding possible warning signals of cyber fraud, rendering them more exposed to assaults that prey on time-sensitive circumstances.

Cybercriminals know that technology workers have valuable knowledge, trade secrets, and intellectual property that may be economically profitable. As a result, they are attractive targets for attacks aiming at stealing sensitive data or gaining unauthorised access to critical systems.

The best practices that cyber techies can apply to safeguard their personal and professional data by following these simple tips:

Strong Passwords: create a strong password, using passwords for all your online accounts and changing them regularly. Remember to use unique combinations!

MFA (Multi-Factor Authentication): Enable MFA wherever possible. This provides an extra degree of protection by requiring a second form of verification, such as a code texted to your mobile device and your password.

Use Secured WiFi: Use secure and encrypted Wi-Fi networks, especially while viewing sensitive information. Avoid connecting to public or unprotected networks, as they can be readily exploited. Recognising Red Flags and Staying Ahead

Social Engineering: Be sceptical of unwanted solicitations or offers, both online and offline. Cybercriminals may try to persuade or fool you using social engineering tactics. Before revealing any personal or private information, think critically and confirm the veracity of the request.

Secure Web Browsing: Only browse trustworthy websites with valid SSL certificates (look for “https://” in the URL). Avoid clicking on strange links or downloading files from unknown sources since they may contain malware or ransomware.

Report Suspicious actions: If you encounter any suspicious or fraudulent actions, report them to the relevant authorities, such as the Cyber Crime Police or your organisation’s IT department. Reporting events can assist in avoiding additional harm and aid in identifying and apprehending hackers.

Stay Current on Security Practises: Stay up to speed on the newest cybersecurity risks and best practices. Follow credible sources, participate in cybersecurity forums or seminars, and remain current on new threats and preventative measures.

Conclusion

The rise in cybercrimes and fraud cases among tech experts in Cyberabad is a disturbing trend that requires prompt intervention. We can establish a safer tech cluster that lives on creativity, trust, and resilience by adopting proactive actions, raising awareness, and encouraging cooperation. Let us work together to prevent cybercrime and ensure the future of Cyberabad’s IT ecosystem.