The Indian
Approach to Cyber Forensics has not been very encouraging.
Despite many claims and promises, Cyber
Forensics in India has still not evolved properly. There
are very few Law Enforcement Personnel who are aware of Cyber Law and
even fewer are those who know about Cyber Forensics.
The Cyber Forensics Capabilities of India are still
evolving. Stakeholders like Police, Lawyers, Judges, etc. are still
not comfortable with Cyber Forensics. In the absence of even basic
level Cyber Forensics adoption in India, Cyber Forensics Best
Practices have also not evolved in India.
This absence of “Best Practices” and “Cyber
Forensics Methodology” in India has resulted in “Improper Use”
of Cyber Forensics for Legal, Judicial and Law Enforcement purposes.
Even Internet
Protocol (IP) Address Tracking in India has become a
mammoth task for Law Enforcement in India.
Tracking an IP Address is the “First Step”
in a Cyber Forensics Investigation. However, IP Tracking must be
done with great caution and with good application of mind. A casual
IP tracking exercise may not only provide wrong results but can also
implicate an innocent person.
Take the example of Lakshmana Kailash K, who was kept
in an Indian Jail for 50 days because the Internet Service Provider
(ISP) made an “Apparent but very Common Mistake” while providing
details of the person who used the IP Address that resulted in the
Commission of the Offense. This is the “Casual Approach” that I
have discussed earlier and that should be avoided in all cases. Since
there were no “Best Practices” adopted by either the ISP or the
Police, this resulted in the imprisonment of an innocent Citizen of
India.
Lakshmana was released after spending 50 days in
jail, three weeks after the Police claimed to have nabbed the "Real
Culprits". There is no doubt that this is a clear example of
violation of his Fundamental Rights in general and Human
Rights in Cyberspace in particular.
Criticising the Police Investigation Methodology and
the ISP’s “Misleading Information” that led to his
imprisonment, the State Human Rights Commission ordered the ISP to
pay Rs 2 lakh to Lakshmana as Damages. However, these Damages are “Too
Little and Too Late” and this amount cannot offset the ordeal that
Lakshmana faced. Now the Information Technology Act, 2000 (IT Act
2000) carries Provisions that can allow the “Victim” to claim
“Damages and Compensation” to the tune of Crores of Indian
Rupees.
In this background, I am of the Opinion that an IP
Address should NOT be the “Sole Criterion” for Arrest and
Conviction of an accused. An IP address is the “Starting Point”
and is at most a “Corroboratory Evidence” but it can never be the
“Primary Evidence” on the basis of which a Person can be Arrested
and Convicted.
It is the “Forensically Sound Image” of the Hard
Disk (Preferably Bit by Bit Image), IP Address Details, Browser and
Internet Logs, ISP Logs pertaining to the particular Cyber Activity, MAC
Address of the Computer, etc. that are “Collectively Relevant and
Conclusive” while establishing the “Guilt” of an accused.
Further, the guilt of an accused must be “Proved Beyond Reasonable
Doubt” and Arresting and Convicting an accused on the basis of IP
Address alone is not even close to “Proving” the guilt, let
alone Beyond Reasonable Doubt.
It would be a “Dangerous
Trend” to Arrest or Detain suspects on the
basis of mere “IP Addresses” or “E-Mail Addresses”, as they
can very easily be “Spoofed and Forged”. Even MAC Addresses can
be spoofed in certain circumstances and for many purposes,
particularly for Identity Theft cases in wireless connections.
It is important to apply “Common Sense” and
first ascertain the “Identity of Real Culprit”. Of course, it
requires tremendous Cyber Forensics Expertise to correctly trace the
offender. The case of wrongfully arresting Lakshmana and imprisoning
him for a considerable time is a glaring example of faulty and novice
Cyber Forensics application in India. The inability of the Government
of India to meet these conspicuous deficiencies of the Legal
Enablement of ICT Systems in India is stifling the growth
of Cyber Law and Cyber Forensics in India.
Interestingly, the popular concepts of Indian Criminal Justice System like Establishment of Guilt “Beyond Reasonable Doubt”, “Right to Fair Trial”, Right to Legal Representation, Protection of Privacy Rights etc are simply treated as non-existent in cases of Cyber Crimes and Terrorism related cases.
The requirements of Search and Seizure Warrants for
Computers and allied Hardware, Individuals and Places must be as per
the Constitutional and Statutory requirements. The lack of Cyber
Forensics Expertise in India is resulting in violation of these
Constitutional and Statutory provisions. It is high time for the Indian
Government to give these aspects a “Serious Consideration”.