On November 30 and December 1, 2016, the Observer Research Foundation in partnership with the Sardar Patel University of Police, Security and Criminal Justice (SPUP) organised a two-day training workshop on cyber security for Indian law enforcement agencies (LEAs) in Jaipur, Rajasthan. The workshop aimed to familiarise LEAs with contemporary challenges in cyber security investigations. It also sought to clarify issues of network security to help LEAs in keeping their data secure and protected from non-state actors and foreign intelligence agencies. The workshop was attended by senior and mid-career police personnel enrolled at the Centre for Peace and Conflict Studies, SPUP, as well as officers from the Intelligence Bureau, the Crime investigation Department, the Narcotics Control Bureau and the Central Reserve Police Force, among others.
The workshop followed four tracks: Cyber laws, information security, cyber espionage and internet governance. Investigating and prosecuting cyber-crime requires an understanding of the legal challenges unique to cyberspace. Crimes committed on the internet, for instance, throw up complex jurisdictional questions requiring cross-border cooperation between law enforcement agencies. These and other issues were discussed in the first session of the workshop.
Day 1 of the workshop opened with an overview of the laws and regulations governing cyberspace in India. The trainers exposed the attendees to contemporary challenges in cyber-crime and the specific provisions in law that govern them. The officials present learned about online extremism, piracy, defamation, cyber fraud and sexual harassment online. They were also familiarised with electronic evidence gathering processes, including the rules and regulations in place for accessing data and intermediary liability. This was followed by an examination of how the prosecution of cyber fraud occurs. The attendees were introduced to policy challenges in ascribing responsibility in cases of financial breaches.
The final session on Day 1 was devoted to information security. The attendees were briefed on the various ways through which non-state actors and foreign intelligence agencies intercept and exploit data. Through demonstrations of known phishing apps and social engineering techniques the officials were trained in steps they can take to identify malware and avoid having their data compromised.
Day 2 of the workshop aimed at familiarising trainees with challenges that cyberspace regulation presents for policymakers. This highlighted the importance of protecting critical information infrastructure against state sponsored cyber-attacks that are increasingly becoming a cause for concern. It included case studies of known cyber-attacks, security breaches and online espionage. The second session explained the importance of data protection regulation and how it can ensure the integrity of cyber systems.
The final session on Day 2 addressed the practical aspects of data gathering for law enforcement purposes. It introduced the trainees to the various organisations and protocols associated with running the internet. This session also demonstrated the various steps that law enforcement agencies must follow upon receiving a complaint about a cyber-crime, and to obtain information for prosecution. This included an explanation of the domain name system, the WHOIS database and the various processes through which information requests can be made.
Trainers
Amelia Andersdotter, Swedish Politician and former Member, European Parliament.
Jiten Jain, CEO, India Infosec Consortium
NS Nappinnai, Lawyer and Founding Partner, Nappinnai and Co.
Vinay Kesari, Managing Associate and Head, Technology Law and Policy Practice, Luthra and Luthra Law Officies
The workshops were supported by the Foreign and Commonwealth Office, Government of the United Kingdom and Hewlett Foundation.
The views expressed above belong to the author(s). ORF research and analyses now available on Telegram! Click here to access our curated content — blogs, longforms and interviews.