QUESTION : Discuss the challenges or concerns faced by cyber security and suggest ways to increase cyber expertise in India.
Ediotrial Topic : SURVEILLANCE REFORM IS THE NEED OF THE HOUR
WHY IN NEWS ?
• Recently, as per an investigation by a group of 17 media organisations, Pegasus was used to hack phones belonging to journalists, human rights activists, business executives and politicians.
• These revelations highlight a disturbing trend with regard to the use of hacking software against dissidents and adversaries.
WHAT IS PEGASUS ?
• Built and marketed by Israeli company NSO, Pegasus is a software that infects devices & spies on the victim by transferring data to master server in an unauthorised manner.
• NSO says the software is intended for use against criminals and terrorists and is made available only to military, law enforcement and intelligence agencies from countries with good human rights records.
HOW DOES IT WORK ?
• Pegasus, in the very basic form, can infect devices that are connected to the internet. Some updated versions can also infect phones even without the victim clicking on any links or messages.
• Most spyware and stalkerware apps disguise themselves as anti-theft applications that can be used to track stolen or lost devices.
• While viruses and malware can be detected by anti-virus software, spyware & stalkerware apps disguise themselves as useful and send out stolen data to central servers without the knowledge of users.
• The software can, based on instructions from a remote server, automatically turn on the camera and the microphone and look into chats, access the calendar and read SMS-es and emails.
SIGNIFICANCE OF PRIVACY ON PRESS FREEDOM :
• Privacy and free speech enable transparent journalism.
• They protect journalists against threats of private and governmental reprisals against legitimate reporting.
• In the absence of privacy, the safety of journalists, especially those whose work criticises the government, and the personal safety of their sources is jeopardised.
• Therefore, such a lack of privacy, creates an environment of distrust around these journalists and effectively buries their credibility.
• India also ranks low (142 out of 180 countries in 2021) in World Press Freedom Index produced by Reporters Without Borders.
PROVISIONS ALLOWING INTERCEPTION OF E-COMMUNICATION IN INDIA :
• Indian Telegraph Act, 1885 and the Information Technology (Amendment) Act, 2000 authorise the governments to intercept all types of electronic communication.
o Under Section 5(2) of the Indian Telegraph Act, agencies can intercept electronic communication on the occurrence of any public emergency, or in the interest of the public safety.
o Rule 419A of the Indian Telegraph Rules identifies the officers who can order surveillance of messages.
TYPES OF CYBER ATTACKS :
Malware: It is short for malicious software, refers to any kind of software that is designed to cause damage to a single computer, server, or computer network. Ransomware, Spy ware, Worms, viruses, and Trojans are all varieties of malware.
Phishing: It is the method of trying to gather personal information using deceptive e-mails and websites.
Denial of Service attacks: A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users.
Man-in-the-middle (MitM) attacks: Also known as eavesdropping attacks, occur when attackers insert themselves into a two-party transaction.Once the attackers interrupt the traffic, they can filter and steal data.
SQL Injection: SQL stands for Structured Query Language, a programming language used to communicate with databases.
o Many of the servers that store critical data for websites and services use SQL to manage the data in their databases.
o A SQL injection attack specifically targets such kinds of servers, using malicious code to get the server to divulge information it normally wouldn’t.
Cross-Site Scripting (XSS): Similar to an SQL injecti on attack, this attack also involves injecting malicious code into a website, but in this case the website itself is not being attacked.
o Instead the malicious code the attacker has injected, only runs in the user’s browser when they visit the attacked website, and it goes after the visitor directly, not the website.
Social Engineering: It is an attack that relies on human interaction to trick users into breaking security procedures in order to gain sensitive information that is typically protected.
(1) Overlapping of provisions:
• While the provisions of the Telegraph Act relate to telephone conversations, the IT Act relates to all communications undertaken using a computer resource.
o Section 69 of the Information Technology (IT) Act 2000 and Information Technology (Procedure for Safeguards for Interception, Monitoring and Decryption of Information) Rules 2009, authorises the agencies to issue directions for interception of information through any computer resource, including mobile phones.
• Section 69 of the IT Act and the Interception Rules of 2009 are offer weaker protections to the surveilled.
(2) Hacking, even by govt., is not allowed by laws:
• No provision allows the government to hack the phones of any individual since hacking of computer resources, including mobile phones is a criminal offence under the IT Act.
(3) Violation of the fundamental rights
• Surveillance itself, whether under a provision of law or without it, is a gross violation of the fundamental rights of citizens.
o The surveillance system impacts the right to privacy and the exercise of freedom of speech and personal liberty under Articles 19 and 21 of the Constitution, respectively.
o It prevents people from exchanging controversial or provocative ideas.
This perceived danger impacts their ability to express, receive and discuss such ideas.
(4) Absence of litigation support
• There is no scope for an individual subjected to surveillance to approach a court of law prior to or during or subsequent to acts of surveillance since the system itself is covert.
• In the absence of parliamentary or judicial oversight, electronic surveillance gives the executive the power to influence both the subject of surveillance and all classes of individuals, resulting in a suppression on free speech.
(5) Opacity in government information
• In response to a Right to Information (RTI) request in 2013, the Central government had revealed that 7,500 to 9,000 orders for interception of telephones are issued by it every month.
• However, RTI requests for such information are now denied citing threats to national security and to the physical safety of persons.
(6) Disproportionate power and breach of rights
• The surveillance, when carried out entirely by the executive, curtails Articles 32 and 226 of the Constitution (empowering the Supreme Court and High Courts, respectively, to issue certain writs) as it happens in secret.
• Thus, the affected person is unable to show a breach of their rights.
o This violates not only the ideals of due process.
o It also goes against the requirement of procedural safeguards as mandated in K.S. Puttaswamy (Retd) v. Union of India (2017).
o Also, giving such power to only one wing (i.e., executive) of the government threatens the separation of powers of the government.
WAY FORWARD :
• Surveillance reform is the need of the hour as the existing protections are weak and the proposed legislation related to the personal data protection of Indian citizens fails to consider surveillance.
• Thus, in order to maintain an effective separation of powers and to fulfill the requirements of procedural safeguards and natural justice, there needs to fill the loopholes in the current surveillance laws.
• The need for judicial oversight over surveillance systems in general, and judicial investigation into the Pegasus hacking in particular, is essential.
• Only the judiciary can be competent to decide whether specific instances of surveillance are proportionate, whether less onerous alternatives are available, and to balance the necessity of the government’s Security objectives with the rights of the impacted individuals
• Real-time intelligence is required for preventing and containing cyber attacks. To achieve that, India needs to secure its computing environment and Internet of Things (IoT) with current tools, patches, updates and best-known methods in a timely manner.
• The need of the hour is to develop core skills in cyber-security, data integrity, and data security fields and setting up of stringent cyber-security standards to protect the institutional infrastructure of the country.
Given the future of technology under Industrial Revolution 4.0, only an integrated, whole-of-the-ecosystem approach for securing critical infrastructure will be successful.
QUESTION : Critically analyse the impact of closure of schools or educational institutions due to covid-19 Pandemic in India and mention about international experience .
Editorial Topic – THE CRISIS AHEAD, FROM LEARNING LOSS TO RESUMPTION
Impact of closure of schools
WHY IN NEWS ?
• Since school closure has led to a great loss of nutrition and schooling for the poorest sections of our society, there is some urgency in the calls we hear to reopen schools.
o However, the important question remains this: if schools were to reopen tomorrow, are we prepared for their resumption? Will it be merely business as usual?
MORE INFORMATION ABOUT THIS :
• Schools have been closed for 16 months now, with no clarity on or a timeline for their resumption as yet.
• The country has promoted online classes and e-connectivity as the solution, perhaps inevitably so, since physical contact between teachers and children has not been possible.
• The focus in the past year citing pandemic has been on secondary and higher secondary education, with most States ensuring some form or other of online classes for this segment.
o However, due to a lack of connectivity as well as a lack of access to e-devices, only a fraction of children even in this age group has had online education of any kind.
• When it comes to children in the primary and upper primary classes, even such access has been limited to a minuscule fraction.
o Children of the poor, studying in government schools, have been especially disadvantaged in this regard.
• Further aggravating the situation is the quality of online education — it is largely abysmal.
• As most studies show, the percentage of teachers in the country capable of handling digital platforms for pedagogic purposes is very small.
• The educational material provided by them has also been mere reproduction of what is used in a physical classroom.
o Hence, even where online classes have taken place regularly — as in the case of urban schools, with students largely from middle and high income groups — the teaching-learning processes have by and large been poor.
• Worldwide, many studies in the last year have documented a loss of learning in children.
o In the Netherlands, despite a short lockdown, equitable school funding, and excellent broadband access, researchers found that among 8 to 11 year olds, “students made little or no progress while learning from home” and that “learning loss was most pronounced among students from disadvantaged homes”.
IMPACT ON INDIA :
• According to a study by the Azim Premji Foundation in January 2021, covering more than 16,000 children in the age group six to 11 years, and across five States, 92% of children on average have lost at least one specific language ability from the previous year across all classes; the figure is 82% when it comes to mathematical ability.
• A question that looms large in the minds of teachers, parents and especially the children, is a basic one: will a child, who was in Class four in March 2020, and did not get to attend a single class during the academic year 2020-2021, be admitted into Class six now in (say) August 2021?
o In some States this has already been addressed and answered this year.
o Age-appropriate enrolment, as guaranteed under the Right to Education Act, is being uniformly implemented.
But this has not been ensured across India, with many States not taking up enrolment for this year as yet.
EXPERIENCE BY OTHER NATIONS :
• ‘One way of addressing the learning crisis might be to repeat the entire academic year.
o The government in Kenya has decided to do just this’.
• Some countries, such as the Philippines, allow extended time for classes on resumption, both in duration of school hours and more calendar days of interaction.
• ‘Another approach is to reduce and synthesize the curriculum so that students are able to focus on a few subjects and learn them well’.
o This is followed, for instance, by the State of Ontario in Canada.
• One-to-one tutoring for the most disadvantaged learners has been taken up in many countries.
o Among the most prestigious such programmes is the National Tutoring Programme in the United Kingdom for which the government has announced funding to the tune of £350 million.
o Ghana has also announced a national programme of tutoring.
o In Italy, university students are volunteering to conduct one-one-one classes for middle school children from poor immigrant backgrounds.
WAY FORWARD :
• Accelerated education programmes or “bridge courses”, which condense several months (or even years of schooling) into a few weeks or months, are another option. This concept has been taken up in several countries.
• One strong voice emerging from all these experiences is: “Acceleration, not remediation”. The advice is to go with exposure to age-level grade-level content, and plug the holes where necessary.
• Many educators warn against a deficit model that starts with measuring “loss” and tries to “fill the void”, before returning to the “normal”. Such models tend to ignore the complexity of psychological preparedness in children, and reduce learning to a single dimension of achievement, which invariably works against children in low-resource contexts.
• What we need now is nothing less than a national rejuvenation programme for elementary education. The school system cannot do what is needed by itself. We need a vast body of volunteers engaging in small groups with children from the most disadvantaged sections, working in tandem with schools, which will need to focus on safety measures and average performance.
• It is critical that we should not reduce education to foundational literacy and numeracy, but treat children as they are, study the experiences they bring, and address their nutritional, emotional and intellectual well-being as a whole.
• The country has already shown during the pandemic that it lacks the capability to re-imagine examinations, whether it be at the secondary school level, or at university. Now, with the education of small children, a similar lack of imagination in curriculum and pedagogy will be splendidly ironic: without ourselves learning any lesson from the pandemic, we would be demanding that the children learn their lessons.
During the pandemic, the country demonstrated that it lacked the ability to re-imagine assessments, whether at the secondary school or university level.