India to come up with AI Regulation Framework

Introduction

In the age of digital advancement, where technology continually grows, so does the method of crime. The rise of cybercrime has created various threats to individuals and organizations, businesses, and government agencies. To combat such crimes law enforcement agencies are looking out for innovative solutions against these challenges. One such innovative solution is taken by the Surat Police in Gujarat, who have embraced the power of Artificial Intelligence (AI) to bolster their efforts in reducing cybercrimes.

Key Highlights

Surat, India, has launched an AI-based WhatsApp chatbot called "Surat Police Cyber Mitra Chatbot" to tackle growing cybercrime. The chatbot provides quick assistance to individuals dealing with various cyber issues, ranging from reporting cyber crimes to receiving safety tips. The initiative is the first of its kind in the country, showcasing Surat Police's dedication to using advanced technology for public safety. Surat Police Commissioner-in-Charge commended the use of AI in crime control as a positive step forward, while also stressing the need for continuous improvements in various areas, including technological advancements, data acquisition related to cybercrime, and training for police personnel.

The Surat Cyber Mitra Chatbot, available on WhatsApp number 9328523417, offers round-the-clock assistance to citizens, allowing them to access crucial information on cyber fraud and legal matters. 

Surat Police's AI Chatbot: Cyber Mitra

• Surat Police in Gujarat, India, has launched an AI-based WhatsApp chatbot, "Surat Police Cyber Mitra Chatbot," to combat growing cybercrime.
• The chatbot provides assistance to individuals dealing with various cyber issues, from reporting cyber crimes to receiving safety tips.
• The initiative is the first of its kind in the country, showcasing Surat Police's dedication to using advanced technology for public safety.
• The Surat Cyber Mitra Chatbot, available on WhatsApp number 9328523417, offers round-the-clock assistance to citizens, providing crucial information on cyber fraud.

The Growing Cybercrime Threat

With the advancement of technology, cybercrime has become more complex due to the interconnectivity of digital devices and the internet. The criminals exploit vulnerabilities in software, networks, and human behavior to perpetrate a wide range of malicious activities to fulfill their illicit gains. Individuals and organizations face a wide range of cyber risks that can cause significant financial, reputational, and emotional harm. 

Surat Police’s Strategic Initiative

Surat Police Cyber Mitra Chatbot is an AI-powered tool for instant problem resolution. This innovative approach allows citizens to address any issue or query at their doorstep, providing immediate and accurate responses to concerns. The chatbot is accessible 24/7, 24 hours a day, and serves as a reliable resource for obtaining legal information related to cyber fraud.

The use of AI in police initiatives has been a topic of discussion for some time, and the Surat City Police has taken this step to leverage technology for the betterment of society. The chatbot promises to boost public trust towards law enforcement and improve the legal system by addressing citizen issues within seconds, ranging from financial disputes to cyber fraud incidents.

This accessibility extends to inquiries such as how to report financial crimes or cyber-fraud incidents and understand legal procedures. The availability of accurate information will not only enhance citizens' trust in the police but also contribute to the efficiency of law enforcement operations. The availability of accurate information will lead to more informed interactions between citizens and the police, fostering a stronger sense of community security and collaboration.

The utilisation of this chatbot will facilitate access to information and empower citizens to engage more actively with the legal system. As trust in the police grows and legal processes become more transparent and accessible, the overall integrity and effectiveness of the legal system are expected to improve significantly.

Conclusion

The Surat Police Cyber Mitra Chatbot is an AI-powered tool that provides round-the-clock assistance to citizens, enhancing public trust in law enforcement and streamlining access to legal information. This initiative bridges the gap between law enforcement and the community, fostering a stronger sense of security and collaboration, and driving improvements in the efficiency and integrity of the legal process.

References:

• https://www.ahmedabadmirror.com/surat-first-city-in-india-to-launch-ai-chatbot-to-tackle-cybercrime/81861788.html
• https://government.economictimes.indiatimes.com/news/secure-india/gujarat-surat-police-adopts-ai-to-check-cyber-crimes/107410981
• https://www.timesnownews.com/india/chatbot-and-advanced-analytics-surat-police-utilising-ai-technology-to-reduce-cybercrime-article-107397157
• https://www.grownxtdigital.in/technology/surat-police-ai-cyber-mitra-chatbot-gujarat/

‍

Introduction

The whole world is shifting towards a cashless economy, with innovative payment transaction systems such as UPI payments, card payments, etc. These payment systems require processing, storage, and movement of millions of cardholders data which is crucial for any successful transaction.

And therefore to maintain the credibility of this payment ecosystem, security or secure movement and processing of cardholders data becomes paramount. Entities involved in a payment ecosystem are responsible for the security of cardholders data. Security is also important because if breaches happen in cardholders data it would amount to financial loss. Fraudsters are attempting smart ways to leverage any kind of security loopholes in the payment system.

So these entities which are involved in the payment ecosystem need to maintain some security standards set by one council of network providers in the payment industry popularly known as the Payment Card Industry Security Standard Council.

Overview of what is PCI and PCI DSS Compliance

Earlier every network providers in the payment industry have their own set of security standards but later they all together i.e., Visa, Mastercard, American Express, Discover, and JCB constituted an independent body to come up with comprehensive security standards like PCI DSS, PA DSS, PCI-PTS, etc.  And these network providers ensure the enforcement of the security standards by putting conditions on services being provided to the merchant or acquirer bank.

In other words, PCI DSS particularly is the global standard that provides a baseline of technical and operational requirements designed to protect account data. PCI DSS is a security standard specially designed for merchants and service providers in the payment ecosystem to protect the cardholders data against any fraud or theft.

It applies to all the entities including third-party vendors which are involved in processing storing and transmitting cardholders data. In organization, even all CDE (Card Holder Data Environment) including system components or network component that stores and process cardholders data, has to comply with all the requirements of PCI compliance.  Recently PCI has released a new version of PCI DSS v4.0 a few months ago with certain changes from the previous version after three years of the review cycle.

12 Requirements of PCI DSS

This is the most important part of PCI DSS as following these requirements can make any organization to some extent PCI compliant. So what are these requirements:

• Installing firewalls or maintaining security controls in the networks
• Use strong password in order to secure the CDE( Card holders data environment)
• Protection of cardholder data
• Encrypting the cardholder data during transmission over an open and public network.
• Timely detection and protection of the cardholders data environment from any malicious activity or software.
• Regular updating the software thereby maintaining a secure system.
• Rule of business need to know should apply to access the cardholders data
• Identification and authentication of the user are important to access the system components.
• Physical access to cardholders data should be restricted.
• Monitoring or screening of system components to know the malicious activity internally in real-time.
• Regular auditing of security control and finding any vulnerabilities available in the systems.
• Make policies and programs accordingly in order to support information security.

How organization can become PCI compliant

• Scope: First step is to determine all the system components or networks storing and processing cardholders data i.e., Cardholders Data Environment.
• Assess: Then test whether these systems or networks are complying with all the requirements of PCI DSS COMPLIANCE.
• Report: Documenting all the assessment through self assessment questionnaire by answering following questions like whether the requirements are met or not? Whether the requirements are met with customized approach.
• Attest: Then the next step is to complete the attestation process available on the website of PCI SSC.
• Submit: Then organization can submit all the documents including reports and other supporting documents if it is requested by other entities such as payment brands, merchant or acquirer.
• Remediate: Then the organisation should take remedial action for the requirements which are not in place on the system components or networks.

Conclusion

One of the most important issues facing those involved in the digital payment ecosystem is cybersecurity. The likelihood of being exposed to cybersecurity hazards including online fraud, information theft, and virus assaults is rising as more and more users prefer using digital payments.

And thus complying and adopting with these security standards is the need of the hour. And moreover RBI has also mandated all the regulated entities ( NBFCs Banks etc) under one recent notification to comply with these standards.

Introduction

The ongoing armed conflict between Israel and Hamas/ Palestine is in the news all across the world. The latest conflict was triggered by unprecedented attacks against Israel by Hamas militants on October 7, killing thousands of people. Israel has launched a massive counter-offensive against the Islamic militant group. Amid the war, the bad information and propaganda spreading on various social media platforms, tech researchers have detected a network of 67 accounts that posted false content about the war and received millions of views. The ‘European Commission’ has sent a letter to Elon Musk, directing them to remove illegal content and disinformation; otherwise, penalties can be imposed. The European Commission has formally requested information from several social media giants on their handling of content related to the Israel-Hamas war. This widespread disinformation impacts and triggers the nature of war and also impacts the world and affects the goodwill of the citizens. The bad group, in this way, weaponise the information and fuels online hate activity, terrorism and extremism, flooding political polarisation with hateful content on social media. Online misinformation about the war is inciting extremism, violence, hate and different propaganda-based ideologies. The online information environment surrounding this conflict is being flooded with disinformation and misinformation, which amplifies the nature of war and too many fake narratives and videos are flooded on social media platforms.

Response of social media platforms 

As there is a proliferation of online misinformation and violent content surrounding the war, It imposes a question on social media companies in terms of content moderation and other policy shifts.  It is notable that Instagram, Facebook and X(Formerly Twitter) all have certain features in place giving users the ability to decide what content they want to view. They also allow for limiting the potentially sensitive content from being displayed in search results.

The experts say that It is of paramount importance to get a sort of control in this regard and define what is permissible online and what is not, Hence, what is required is expertise to determine the situation, and most importantly, It requires robust content moderation policies. 

During wartime, people who are aggrieved or provoked are often targeted by this internet disinformation that blends ideological beliefs and spreads conspiracy theories and hatred. This is not a new phenomenon, it is often observed that disinformation-spreading groups emerged and became active during such war and emergency times and spread disinformation and propaganda-based ideologies and influence the society at large by misrepresenting the facts and planted stories. Social media has made it easier to post user-generated content without properly moderating it. However, it is a shared responsibility of tech companies, users, government guidelines and policies to collectively define and follow certain mechanisms to fight against disinformation and misinformation.  

Digital Services Act (DSA)

The newly enacted EU law, i.e. Digital Services Act, pushes various larger online platforms to prevent posts containing illegal content and also puts limits on targeted advertising. DSA enables to challenge the of illegal online content and also poses requirements to prevent misinformation and disinformation and ensure more transparency over what the users see on the platforms. Rules under the DSA cover everything from content moderation & user privacy to transparency in operations. DSA is a landmark EU legislation moderating online platforms.  Large tech platforms are now subject to content-related regulation under this new EU law ‘The Digital Services Act’, which also requires them to prevent the spread of misinformation and disinformation and overall ensure a safer online environment.

Indian Scenario

The Indian government introduced the Intermediary Guidelines (Intermediary Guidelines and Digital Media Ethics Code) Rules, updated in 2023 which talks about the establishment of a "fact check unit" to identify false or misleading online content. Digital Personal Data Protection, 2023 has also been enacted which aims to protect personal data. The upcoming Digital India bill is also proposed to be tabled in the parliament, this act will replace the current Information & Technology Act, of 2000. The upcoming Digital India bill can be seen as future-ready legislation to strengthen India’s current cybersecurity posture. It will comprehensively deal with the aspects of ensuring privacy, data protection, and fighting growing cyber crimes in the evolving digital landscape and ensuring a safe digital environment. Certain other entities including civil societies are also actively engaged in fighting misinformation and spreading awareness for safe and responsible use of the Internet. 

Conclusion:

The widespread disinformation and misinformation content amid the Israel-Hamas war showcases how user-generated content on social media shows you the illusion of reality. There is widespread misinformation, misleading content or posts on social media platforms, and misuse of new advanced AI technologies that even make it easier for bad actors to create synthetic media content. It is also notable that social media has connected us like never before. Social media is a great platform with billions of active social media users around the globe, it offers various conveniences and opportunities to individuals and businesses. It is just certain aspects that require the attention of all of us to prevent the bad use of social media. The social media platforms and regulatory authorities need to be vigilant and active in clearly defining and improving the policies for content regulation and safe and responsible use of social media which can effectively combat and curtail the bad actors from misusing social media for their bad motives. As a user, it's the responsibility of users to exercise certain duties and promote responsible use of social media. With the increasing penetration of social media and the internet, misinformation is rampant all across the world and remains a global issue which needs to be addressed properly by implementing strict policies and adopting best practices to fight the misinformation. Users are encouraged to flag and report misinformative or misleading content on social media and should always verify it from authentic sources. Hence creating a safer Internet environment for everyone.

References:

• https://abcnews.go.com/US/experts-fear-hate-extremism-social-media-israel-hamas-war/story?id=104221215
• https://edition.cnn.com/2023/10/14/tech/social-media-misinformation-israel-hamas/index.html
• https://www.nytimes.com/2023/10/13/business/israel-hamas-misinformation-social-media-x.html
• https://www.africanews.com/2023/10/24/fact-check-misinformation-about-the-israel-hamas-war-is-flooding-social-media-here-are-the//
• https://www.theverge.com/23845672/eu-digital-services-act-explained

‍