sb.scorecardresearch

Published 13:36 IST, December 20th 2023

Sharenting a bigger threat than deepfakes, but cybercrimes legislation in India evolving: Experts

After ransomware attacks on companies and deepfakes, children’s online identities shared excessively without their consent poses a threat to their privacy

Reported by: Gauri Joshi
Edited by: Rajat Mishra
Follow: Google News Icon
  • share
Bengaluru tops metro cities in cybercrime reports for 2022
Bengaluru tops metro cities in cybercrime reports for 2022 | Image: Unsplash representative

Cybersecurity is paramount in an evolving paradigm of ransomware attacks on enterprises and newly-emerging threats such as deepfakes, and a step ahead - sharenting. Deepfakes came to light after Animal fame and popular South Indian actress Rashmika Mandanna's face was morphed into an Indian-origin model's vacation video and shared across social media. The IT ministry as well as state IT ministers voiced concerns on the disturbing trend. On the other hand, sharenting is a trend where parents film their children online, and this is often without consent because the children are too young to understand the consequences of their images and voice shared online.

On Tuesday, Noida-headquartered HCLTech informed exchanges of a ransomware attack in one of its locations, even as the company deals in cloud and cybersecurity. The pandemic saw several enterprises grapple with data breach, but the situation has not gotten any better.

Last year alone, over 11 lakh cyber incidents were reported. Operations disrupted, data breaches happened, and significant financial losses occurred - in one instance, an attack even jeopardised a company's IPO.

According to Centre for Digital Economy Policy Research President Jaijit Bhattacharya, civilians are even at more risk through cloud used in automobiles, service denial scams and so on. “From a civilian perspective, you also need to be careful of the fact that all your information is getting compromised, which can then subsequently be used for for either launching a social attack on you or misusing the information for various purposes such as extracting money out of your bank account, or blackmailing you,”Bhattacharya said.

Norton India Director Ritesh Chopra concurs, because he says people assume they are not significant in the larger scheme of things.

“Each one of us, even in enterprise setup, is a consumer. I think the weakest link is the consumer which is still not being understood...contrary to the notion that they are just a drop in the ocean of multiple users,” he said.

Group Captain P. Aanand Naidu, Director, Information Sharing and Analysis Center called data “the new iridium.”  

The pervasive issue of ‘sharenting’, where children’s online identities are shared excessively without their consent, poses a threat to their privacy, according to research scholar specialising in cybercrimes and children, in Assam’s Tezpur University, Abhishek Kabra.

Our existing laws and security measures struggle to keep pace, Kabra added. 

“The Digital Personal Data Protection Bill, 2023 (passed in the Monsoon Session of the Indian Parliament this year) stands out as so far as the most comprehensive document, addressing the complexities of the digital era and explicitly securing children’s cyber presence.”

Founding Managing Partners of RSD Bajaj Global Law Firm Varun and Shivaarti Bajaj said that this new legislation covers a very limited part of the above kind of cyber security, only related to personal data.

“Here  is the opportunity to cover all possible kinds of cyber security threats and their regulations under this Digital India bill. The Government should involve all experts, specially from legal background to share these concerns and possible solutions,” the partners added. A unique feature of Indian digital laws is the emphasis on self-regulation on the part of corporations on what kind of content and data is used by them, CyberPeace Foundation founder Vineet Kumar said.

“It is noteworthy that most ministries and departments in the government attempt to formulate regulations to tackle the challenges in cyberspace,” he added.

Talking on conflict zones and low internet areas, Kabra said areas with limited connectivity become fertile ground for facilitating predators to transition from virtual to real-world threats and vice-versa since people may not be aware of crimes like identity theft. It is imperative for policy to address cyber crimes comprehensively for both civil and defence sectors, he added.

A report by cybersecurity company Sophos said that in 77 per cent of ransomware attacks against surveyed organisations, hackers succeeded in encrypting data. Infact, 92 per cent of Indian organisations view GenAI tools as potential security risk despite its growing usage, as per Zscaler.

Group Captain Naidu recommends cybersecurity certifications, which can act as ‘first aid’ against such events.

Updated 15:17 IST, December 20th 2023