No amount of effort is enough unless users – the potential victims of cybercrime -- are aware of the possible pitfalls in the cyberspace.
Use of the Internet has certainly transformed lives by connecting people, businesses, governments and services, enabling all of them to do things which otherwise would have required a physical interface. Its efficiency and increased acceptance have, however, also given rise to deviant behaviours, not only creating an online equivalent of existing crimes but also attracting fence sitters owing to the false sense of anonymity that cyberspace offers.
Statistics published by the National Crime Records Bureau for the year 2016 classify mere 12,317 cases under the category of registered cybercrimes. This number, though large in itself, is a definite understatement of the scale of the problem primarily because most cybercrimes in India go unreported. A number of factors contribute to this underreporting, among these, embarrassment, sense that the reporting will be of little help and the fear of being drawn into a cumbersome process, top the charts.
The most critical factor that contributes to the increasing problem is the prevailing sense among cybercriminals that it is hard to be traced, caught and prosecuted for their actions. This is directly connected to the unwillingness among victims to report, lack of expertise and resources at the police station level to investigate cybercrime and to the sub 1% conviction rates in the country. Given the multifaceted factors which contribute to the perception among cybercriminals, it is only logical for the potential solution framework to require a concerted effort from various stakeholders.
Starting with top of the funnel, a simplified mechanism to report cybercrime will be able to draw far more victims to report cybercrimes. Increased reporting will also improve insight on cybercrime trends and development of tips which will ultimately contribute to its prevention. To ensure success of any reporting mechanism, it may be relevant to disassociate the number of cybercrimes reported from the success parameters of local law enforcement agencies (LEA).
Last few years have seen an increased focus among LEAs to modernise their capabilities to combat cybercrime – setting up of cybercrime cells and cyber forensic labs have been a part of this exercise. These units have largely been operating as a support service for the investigation of cybercrime matters, the investigation responsibility continuing to lie with the jurisdictional police stations. Increasing the number of cybercrime police stations entrusted with investigations should go a long way in addressing the expertise issue, and positively impact the cybercrime conviction rates in the country.
For e-commerce and other consumer-facing Internet companies soaring instances of cybercrime aren’t just an irritant, they pose a serious threat to their business. Exposure to cybercrime not only results in loss of a customer, it has a snowballing effect on the business’s reputation, significantly eroding its marketing investments. While the law grants a safe harbour to the Internet companies operating as intermediaries from liability resulting from acts of third parties, neither regulation nor insurance can compensate them for the real loss that cybercrime results to their businesses. It is for them to either take the bull by its horns or let it bring them down. Right from content quality controls to use of technology, analytics, cyber-forensics in crime prevention and detection, coupled with a proactive engagement with law enforcement agencies for apprehension of the perpetrators – are all efforts that will go a long way.
No amount of effort is enough unless users – the potential victims of cybercrime — are aware of the possible pitfalls in the cyberspace. Consumer education and awareness campaigns are fast becoming a means to foster a community spirit while educating consumers on safety issues. To address users’ safety, platforms must set up reporting mechanisms and encourage their use. Information gathered through these means will not only enable them to respond to incidents at a platform level in a timely manner, it will continuously help in providing trends and generating valuable educational tools.
The need, therefore, is for a concerted effort from all quarters to prevent cybercrime. Users need to take steps to avoid falling victim to cybercrime. The industry needs to work on anticipating and responding to emerging threats. And most importantly, the government needs to work towards holding criminals accountable for their actions – while balancing fundamental rights of freedom and privacy of the citizens.
(By Lavanya Chandan, Director and General Counsel, OLX India)