| The Karnataka police, which set up the first cyber crime police station in the country, has planned discussions with Nasscom and Internet service providers (ISPs) in the third week of March in Bangalore to leverage its cyber crime combat capacity. |
| Issues related to privacy laws of ISPs and constraints of the investigating agencies while pursuing hackers and phishers will be high on the agenda of the meeting convened by the Corps of Detectives (CoD), the nodal agency for investigating cyber crimes in Karnataka. |
| Speaking to Business Standard, Director General of Police (Corps of Detectives) Ajai Kumar Singh said: "We face difficulties while tracking hackers and these are largely because of the reluctance on the part of the service providers to part with information. We would have identified the internet protocol (IP) address of suspects, but find it difficult to proceed further as the service providers refuse to share information citing the laws of privacy in other countries. A few service providers express inability to give information stating that their servers are located outside India. We want to overcome such problems by sorting out issues across the table." |
| This is the first meeting involving Internet majors proposed in the country, which is witnessing a steady rise in online money transfer frauds and phishing attacks (acquiring a user's personal information such as bank account number and credit card details using social networking techniques). |
| According to the Indian Computer Emergency Response Team (Cert-In), of the 87 cyber intrusions that were reported from across the country in January 2008, 47 per cent were phishing attacks. In 2006, a total of 335 phishing attacks were reported to Cert-In. |
| In fact, in Karnataka alone, the number of online money transfer frauds reported under Section 66 of the Information Technology Act-2000 at the Cyber Crime Police station in Bangalore has increased from nine cases in 2005 to 21 in 2007. |
| Though Karnataka's cyber crime sleuths have succeeded in netting many hackers, the lack of cooperation from the service providers has turned out to be a major irritant to them. |
| An example being the sensational 'Key Logger' case that was detected by the cyber police team. The mastermind of the online fund transfer scam, Joseph, had hacked about 70 bank accounts by downloading the 'Key Logger' software that is freely available on the Internet. |
| Though Joseph and his accomplices were arrested two months ago, investigations reportedly slowed down as service provider Yahoo! Web Services India Limited was reluctant to oblige to the sleuths' request of sharing user details. |
| The explanation given by Yahoo! was that its server is in the USA. However, it was only after the sleuths reportedly exercised some soft power did the company agree to cooperate. In the case of Google too, sleuths maintain that they have been directed to get a search warrant from a US court to obtain information in some cases. |
| Though Singh maintained that the 'Key Logger' case investigation is not the trigger for the proposed discussions with the ISPs and Nasscom, he acknowledged the urgent need to bridge the gap between investigators and service providers. |
| "We had raised the issue at the all India directors' general of police (DGPs) conference last year. We are now taking it a step forward," Singh said. |
| Such discussions are imperative as phishers and hackers are spread all over the world and use newer techniques to sow chaos or commit offences, majority of which pertain to online bank transactions. |
| As pursuing hackers warrants a combination of humint (human intelligence) and techint (technical intelligence), the role of service providers is crucial in sourcing technical inputs which form concrete evidence during trial. |
| Singh said: "Service providers might have their servers outside India, but they should not forget that they are doing business here. They have to cooperate with the investigating agencies.'' |
| The move, apparently, has not gone well with the ISPs. "We find oursleves in a piquant situation as there have been instances in the past when users have sued us for sharing information," said an ISP representative who did not want to be identified. |
| However, superintendent of police (CoD-cyber crime) B A Mahesh countered it stating national security assumes paramount importance in such situations. |
| Mahesh, one of the few officers in Karnataka with expertise on cyber crime issues, said there have been several judgements in the US directing the service providers to act in accordance with the law of the land in which they operate. |
| He cited an order of the 9th Circuit Court in the US which ordered an ISP to oblige the French government's directive to stop auction of Nazi memorabilia on its website. |
| Apart from reining in the ISPs, Karnataka has also resolved to mount pressure on the Centre to have bilateral treaties with other countries to reduce time and space constraints in investigating cyber crimes. |
| "We are adopting a two-pronged strategy, of talking to ISPs directly and taking up the issue with the Centre. We need to stop cyber criminals,'' Singh added. |
Top Section
Explore Business Standard