Thursday 10 March 2011

Cyber Due Diligence In India

Due diligence means to act with due care and caution. Cyber due diligence means to take proper care and caution while dealing with cyberspace transactions. In the Indian context, the information technology act, 2000 (IT Act 2000) mandates taking due diligence for cyberspace matters and other allied matters to escape civil and criminal liability.

Under the IT Act 2000 “Intermediary” are required to observe “Due Diligence” to escape liabilities arising out of third party acts or omissions, informs Praveen Dalal, a Supreme Court lawyers and leading techno legal expert of India. The scope, definition and ambit of Due Diligence is very wide under the IT Act, 2000 and stakeholders must be wary of the requirements of Indian Cyber Law, suggests Dalal.

Recently the Reserve Bank of India made the requirements of observing cyber due diligence by banks in India even more stringent. RBI executive director G Gopalakrishna recently said that all banks would have to create a position of chief information officers (CIOs) as well as steering committees on information security at the board level at the earliest.

This decision came after the incidence of fraud by the Gurgaon branch of Citibank came into light. According to Dalal incidences and frauds like these can be prevented if proper Cyber Due Diligence is in place.

Among many factor, e-discovery plays a major role in preventing and punishing cyber crimes, banking frauds and other crimes. Although there is no e-discovery law in India yet it must be adopted as a prudent and due diligence exercise by all.

Till now there was no guidelines and readymade reference for crucial issues like cyber crime investigations, due diligence practices, best practices to prevent cyber crimes, etc. Perry4Law Techno Legal Base (PTLB) and Perry4Law are in the process of writing the first and exclusive techno legal cyber crime investigation manual of India. The manual is in the final phase of preparation and it may be available to governmental departments and general public after few months.

Issues regarding due diligence and cyber due diligence would also be discussed in the manual. Banks operating in India can effective use the manual of Perry4Law and PTLB to meet the techno legal requirements of due diligence, cyber security and prevention of cyber crimes committed against banking institutions.

Due diligence, especially cyber due diligence, cannot be ignored by any person and institution any more. It is in their own interest to follow proper and adequate due diligence requirements to escape punishment under various laws.