During the Bangalore Cyber Security Summit 2009, held on October 8th and 9th, several issues were discussed including the impact of the proposed amendments to ITA 2008 on various Intermediaries.
While several speakers argued for the increasing security threats and therefore a strict regulation on Cyber Cafes, and how to ensure that Cyber Cafes donot lose business as a result of either the stricter regulations or because the internet availability has now gone mobile with GPRS enabled mobile phones as well as the ubiquitous laptops.
A survey by the Internet and Mobile Association of India (IAMAI) and IMRB indicated that that the Cyber Cafe users as a percentage of overall Internet users had declined from 52% in 2003 to 39% in 2006. A more recent survey by A C Nielsen is also provides that the usage has declined further to 34 %.
Though the per hour browsing rate has also declined, it appears that the actual gross revenue downfall has not been as steep as the fall in the numbers indicating that revenue is also being realized through value added services including printing, video and photo uploading , online gaming etc.
In the light of the above observations, it may appear that with the ITA 2008, there should be greater regulatory pressures. One reason is that there were a few instances in India where key Loggers had been installed in the Cyber Cafes leading to loss of Bank passwords and Credit Card information of some of the customers who became victims of cyber crimes. This projected accessing through Internet as “Insecure” and hence people have stopped using Cyber Cafes for financial transactions.
One of the reasons why Cyber Cafes have found regulations difficult to handle was that the regulations were too stringent. Complete Compliance was almost impossible in some cases or anyway not feasible without high costs.
Now that the Cyber Cafe regulations are likely to be revisited when the ITA 2008 is notified, there would be at least uniformity in the regulations in different states. This may remove certain impractical regulations but nevertheless, at a time that Terrorism is a threat and Cyber Cafes are definitely the access points used by terrorists, it is not possible for the regulations to be any lighter than what it is now.
This could mean that ID management would be more strictly enforced along with data retention under Sec 67 C or otherwise. The penalties for non compliance would be much stricter. It is therefore necessary for Cyber Cafes to consider planning for proper compliance to reduce the risk related costs.
In this context the technology solutions discussed during the Summit appeared to hold promise for Compliance without the need for manual intervention. It was demonstrated that technology need not be expensive and also that the use of technology itself can open up new avenues of revenue so that instead of the revenue declining, we may actually see revenue of Cyber Cafes increasing.
Another aspect of the technology discussed was that it could enable the unorganized sector of Cyber Cafe owners majority of whom own one or two units can come on a common service platform and together harness the benefits which today are available only for large corporate cyber cafes.
There is a plan to create “E Bridge Centers” out of the Cyber Cafes and proivde them with new avenues of revenue. The trial run of the new technology is going to happen in Karnataka over the next few months and it is expected that the Cyber Cafe owners can look forward to being compliant of Cyber laws, friendly with the Police and at the same time increase their revenue.