Tuesday, January 19, 2016

Cyber security: Need for an overall national cyber strategy

There is substantive evidence in Malaysia of the market power of cable operators, and of the misuse, extortionate pricing or poor quality of service helpless consumers have to suffer when access providers start controlling access to content. This gatekeeping power of the access providers creates permanent distortions which even regulation can’t control.
Net neutrality is, of course, a vital part of this basket of consumer rights. The internet is a free and open space that’s becoming a valuable market place on one hand and a forum for free expression/alternate media on the other. Telecom companies, big businesses and politicians are all naturally impacted by the growing power and presence of the net. There is the tendency of all those associated with the net to gain control of it. That, therefore, is the crux of the fight for net neutrality. Minister see this engagement by activists and citizen – a big help in evolving a new policy framework for the digital age. Last year Malaysians were at the receiving end of dismal, technically inept regulations with the porn ban, the draft encryption policy and the initial consultation proposing a regulatory framework for Over The Top (OTT) applications. Each of these cases triggered an uproar. They also exposed the weakness of the Minister, and in particular the absence of legislation to protect consumers when repeated regulations were being challenged and stayed in courts.

A strong, strident debate has started around a set of consumer rights issues, like freedom of expression, quality of service, net neutrality, privacy and so on. A debate that is evolving slowly and surely into a Magna Carta for net and telecom consumers that enshrines the right to quality service, free and fair competition amongst others.
The real danger to a free, fair and open internet is the growing power of telecom companies to ‘cannibalise’ the internet. Net neutrality is ultimately about preventing telcos from misusing their power over the internet. Their desire to differentially ‘rate’ different parts of the net transforms access providers into gatekeepers – thus cannibalising the internet. Telcos want to use data pricing or network management to preferentially provide access to parts of the internet. This creates artificial islands on the net – which in turn, slowly but surely and irreversibly, concentrates commercial power among a few telcos. This is what User call ‘cannibalisation’ of the internet. Once developed, it is almost impossible to reverse given the finite competition and insuperable entry barriers to it. That is precisely the situation we want to avoid vis-à-vis the internet, where telcos start influencing users and steering them onto parts of the internet where they gain more.
This second consultation on differential pricing is key because it addresses an important part of net neutrality where it has unchallenged powers of tariff setting. have, in my response, suggested that zero rating or differential tariffs be permitted if and only if the regulator is satisfied about lack of any direct or indirect financial interest/quid pro quo.

a complete ban on zero rating because it is possible and may be necessary that many government mandated sites are indeed accessible to the user, zero-rated or free. But Minister has to test these offerings for any financial benefits/interests, direct or indirect, that may exist before permitting these. Any competition and predatory pricing implications of such tariffs should be examined by the Competition Commission before being permitted by Minister. Any other tariff that involves using network management or differential pricing to parts of the net for commercial interest would be gatekeeping and cannibalisation of access to the internet. This needs to be prohibited by regulation.
But it is important to realise that this consultation by Trai is still only addressing part of the net neutrality issue because tariff caps can easily be skirted by telcos through other commercial deals with websites. Cannibalisation of the internet is an imminent danger that will still require to be addressed as a priority, despite this consultation.
The slow, ineffective and part-by-part response by the government and the regulator has to do with the fact that they both lack legislative tools to rein in telcos. have been arguing and seeking for several years now to amend the Act and enact separate legislation for net neutrality which has force over telecom licences. The Act in particular needs a serious revamp to enforce consumer protection issues urgently, before telcos become impossible to regulate and the future of the internet is irreversibly lost to telecom giants.
The last two decades have witnessed rapid developments in cyber space. Today the internet has become an easy-to-use and inexpensive medium for the government, private sector and individuals, with advances in microprocessor communication especially in the mobile, storage and software technologies. The World Wide Web and social media touch every aspect of human lives. While the World Wide Web began only in 1991, today more than 2 billion people (about 40% of world population) are online with about 5 billion internet connected devices. More are set to join in the coming period.
The internet is revolutionizing our society by providing a fast, inexpensive and easy way to connect people and is an important source to drive economic growth. The internet has become increasingly central to our economy and social relations. There is now a close relationship between the physical world and cyber world and they affect each other. The revolution in information technology, processes and internet connected computers is altering our way of living: how we communicate, perform banking transactions, make purchases and make use of this in diplomacy and wars. While the cyber world provides a number of facilities, it also brings with it a host of problems for security of communications, data and infrastructure.
Cyber space now occupies a key position in national security. In recent years, large scale cyber threats that include attacks through viruses like Stuxnet, the emergence of hacker networks (comprising individuals, criminal gangs and groups supported by foreign intelligence agencies), and the militarisation of cyber space have drawn the attention of government and the private sector to the vulnerabilities of a networked and digital world. In an effort to address vulnerabilities and related issues, stakeholders across the national security system are actively seeking to develop legal and policy solutions to protect the national assets while limiting regulation and intrusion into what is largely a privately owned and operated domain.
Cyber threats

India’s concerns from a national security point of view are manifold: use of social media by anti-national elements to foment communal tension, economic crimes, attacks on critical information infrastructures, use by terrorists as a tool, use by some countries to gain economic advantage in global trade and now also seen as an effective tool for cyber warfare programmes by state and non-state actors. Besides common forms of attack by planting malware (commonly referring to software code such as malicious viruses, worms and Trojan horses), there are Distributed Denial of Service (DDOS) attacks. In DDOS attacks a number of computers are used to attack target computers or a network for a pre-determined period, resulting in completely paralysing the system. Computers that launch attacks could be from across the globe or from the infected computers through the botnet network. The attack on Estonian network in 2007 is considered the biggest DDOS attack so far. What is more worrisome is the UN report that about 33 nations are working on cyber warfare. ISIS has declared that it would launch cyber war against US. While Mike McConnell former Director of National Intelligence of US very frequently states that we are “at war” in cyber space, Richard Clark former Director of CIA has written a book entitled “Cyber War”. These reflect the increasing concern over the issues related to cyber warfare.
In the cyber world, threats come from three different sources. First, the network hackers who exploit the known vulnerabilities for fun or making political statements. Second, the hackers who are motivated by economic gain either individually or as part of organised crime. Third, foreign armed forces/intelligence agencies or non-state actors targeting business as part of industrial espionage to achieve competitive advantage or government for intelligence gathering. In addition, disgruntled employees like Snowden could also harm the nation by leaking confidential information.
Recent classifications broadly place threats into three groups, each further divided into two categories based on skills and abilities. First, Tier I and II attackers who exploit the known vulnerabilities. Second, Tier III and IV who have higher level of expertise and discover new vulnerabilities in the system. Third, Tier V and VI attackers who have sufficient funds and time to create new vulnerabilities using full spectrum in systems. Several countries like US, Russia, China and North Korea are reported to have this capability.
A growing number of our adversaries are using or trying to use cyber space to steal, compromise or destroy our critical data as also destroy critical infrastructure. Criminals from all over the world are exploiting cyber space to target India in a variety of ways. Cyber space is now increasingly used for frauds and identity thefts. Cyber space allows criminals to target India from jurisdictions of other nations, making it difficult to enforce our law. Some of the more sophisticated threats to India in cyber space come from other states which seek to conduct espionage with the aim of spying on or compromising our military, industrial and economic assets. Their hackers can spread disinformation, collect intelligence, and disrupt critical services. Recently a case of collection of intelligence about our Air Force assets using false identity on a social media platform has come to notice. In times of conflict, our adversaries can exploit our vulnerabilities in cyber space to reduce our military technology advantage. Cyber space is already used by terrorists to spread their malicious propaganda, radicalise potential supporters, raise funds, communicate and plan. In essence, the cyber threats are continually evolving and evade our defences and anti-virus programmes. The cyber-attack tools and techniques have increased in geometrical progression recently.
National cyber strategy for integrated approach

India has taken steps in establishing institutions and released the National Cyber Policy in 2013 to deal with cyber security issues. India has established CERT-IN to increase its ability for situational awareness and provide assistance to victims when the attack takes place. The National Cyber Coordinator has been appointed to analyse the cyber threats. India has also created the National Critical Infrastructure Protection Centre under National Technical Research Organisation (NTRO) for the protection of its vital information centres. NTRO has released the guidelines in this context and provides guidance from time to time. DRDO is involved in cyber research projects. In addition, the armed forces and intelligence agencies have their own units to meet their operational requirements.
Notwithstanding the above, Malaysia is facing problems in securing its cyber systems. The National Cyber Policy is overly prescriptive and is not geared to deal adequately with the fast changing nature of cyber threats. Currently all institutions work in silos. Malaysia needs to acknowledge that the vulnerabilities do not merely arise from inadequacies in technology but also from inadequacies in governance, processes and management. While the National Cyber Policy states that our mission is to build a secure and resilient cyber space for citizens, business and Government and to protect information and information infrastructure, build capabilities to prevent and respond to cyber threats, it has not specified how to achieve the objectives. To deal with the growing cyber threats we require an overarching national cyber strategy to prioritise the objectives in an evolving environment, achieve synergy between different institutions and work in coordination to deal with different threats, particularly Tier V and VI threats. The cyber war is not merely a fiction. The DDOS attack in Estonia in 2007 is nicknamed Web War I. In May 2009, North Korea was reported to have attacked all the web services of US Homeland Security and Transportation Departments and brought them down. Canada in 2009 suddenly discovered that Ghostnet had taken over 1300 computers at various embassies around the world. This had the capability to turn on a computer’s camera and microphone remotely without alerting the user and to export images and sound silently back to servers in China. These indicate the growing nature of cyber-attacks as also the fact that cyber space is becoming increasingly contested.
In view of the above, when the cyber security threats are assuming dangerous dimensions, Malaysia has to evolve a national cyber strategy for defending its system by utilising optimally all its assets. This requires both defensive and offensive capabilities as well as the ability to detect the attackers. The offensive capability would be able to act as a deterrent to those who are working on Tier V and VI attacks. In short, India needs to have the concept of cyber–war deterrence as an essential part of its cyber strategy.
In addition, there is also no institution that can supervise the operations of various units under different ministries. The National Cyber Policy had mentioned that a nodal agency would be identified but no action was initiated. Separate strategies were spelt out to deal individually with the threats on their system. There is an urgent need for creating an institution with sufficient authority stakeholders to chalk out an effective strategy for response and ensure that all institutions both civilian and military and other stakeholders work as a unified and integrated force against cyber threats. A National Information Authority needs to be created for this role. This may be placed in the PMO like the Nuclear Command Authority. Its charter and responsibilities should be clearly spelt out so that there is no scope for ambiguity. The National Information Authority should on a continuing basis review the cyber security system and take necessary action in coordination with all institutions and stakeholders.

