Indian Android Smartphone Users Too At Data Theft Risk

"Bugs at the operating system's application layer can be tackled by using updated anti-virus and other third-party security applications, but bugs at the firmware level is beyond users' reach as they will never have direct access to the firmware," Tyagi pointed out.

The threat gets bigger with more and more people embracing mobile digital payments in the wake of demonetisation.

"Mobile continues to be an area of exposure. As we get more and more used to transactions with mobile banking or e-commerce, mobile becomes more of a financial gateway and the implications are huge," added Anand Ramamoorthy, Managing Director, South Asia, Intel Security.

What if such a data theft case is identified in India?

"If the government comes to know that Chinese smartphones are stealing users' data from their customers, then it is very apparent that our cyberlaw is not at all adequate to deal with such challenges," Duggal told IANS.

Though under the 2008 amendments to the Information Technology Act, 2000, all mobile phones, including smartphones, have been covered within the ambit of the Indian cyberlaw, the law still does not comprehensively deal with relevant issues in the mobile ecosystem.

The absence of India as a signatory to any international treaty on cybercrime further complicates the intrinsic ability of the immense law and legal frameworks to provide effective remedies against any such contravention.

"One of the biggest challenges in this regard would deal with the issue of attribution. How would the Indian agencies be able to attribute to the fact that the said misuse has been done from the indicated/suspected source. The issues pertaining to attribution need far more clarity," Duggal noted.

According to Rakshit Tandon, consultant at the Internet and Mobile Association of India (IAMAI) and a cyber security expert, the threat is very real for Indian users and the country lacks a sufficient law framework to tackle the situation.

"Thus, it is challenging for the Centre/state governments to ward off data stealing from smartphones by third-party software. We need stronger laws to apply enforcement on data stealing via such devices," he told IANS.

Keeping new-age security needs in mind, steps must be taken to make Indian cyberlaw more effective and redressal mechanisms must be built in for the users who are part of the digital and mobile ecosystem, Duggal added.

Read Also:
Switzerland to Share Bank Account Details from September 2018
Bill To Ban Commercial Surrogacy Introduced In Lok Sabha