27 Nov CERT-In exempted from the purview of RTI
This article covers “Daily Current Affairs”, and the topic details “ CERT-In exempted from the purview of RTI”. This topic has relevance in the Polity and Governance section of the UPSC CSE exam.
Key Provisions of the Right to Information Act, 2005?
The Role of CERT-In?
Functions of CERT-In in Cybersecurity?
Why in the news?
In a recent development, the Department of Personnel and Training (DoPT) has issued a notification exempting the Indian Computer Emergency Response Team (CERT-In) from the purview of the Right to Information Act, 2005.
This move places CERT-In under the list of 26 other intelligence and security organizations already excluded from the RTI Act. The Minister of State for Electronics and Information Technology, Rajeev Chandrasekhar, had previously informed the Rajya Sabha about the ongoing inter-departmental consultation on this matter in March 2023.
CERT-In, functioning under the Ministry of Electronics and Information Technology, now stands alongside various intelligence and security organizations exempted from the RTI Act. This decision follows the government’s authority, as outlined in the RTI law, to amend the Second Schedule to include or exclude intelligence or security organizations. The exemption highlights the government’s approach to balance transparency and national security.
Key Provisions of the Right to Information Act, 2005:
The Right to Information Act, 2005, derives from the fundamental right of freedom of speech and expression under Article 19 of the Constitution. Its fundamental objectives include empowering citizens, promoting transparency, and ensuring accountability in government functioning.
Key provisions of the RTI Act are as follows:
- Section 4: Public authorities are obligated to maintain records in a catalogued and indexed manner to facilitate the right to information.
- Section 6: Individuals can request information in writing from the Central or State Public Information Officer, specifying the particulars sought.
- Section 7: Public Information Officers must either provide information or reject the request within 30 days, citing reasons specified in Sections 8 and 9.
- Section 19: Individuals aggrieved by a decision or non-receipt of a decision within 30 days can appeal to a senior officer in the respective public authority.
Exemptions under the Act:
Certain exemptions under the RTI Act include information related to defense, national security, or personal details. Before the RTI Act, India’s information disclosure was restricted by laws like the Official Secrets Act, and the RTI Act played a pivotal role in relaxing such restrictions.
Coverage under RTI:
The RTI Act extends to the entirety of India, covering bodies constituted under the Constitution, laws, or government notifications, as well as NGOs substantially financed by the government. Private bodies owned, controlled, or substantially financed by the government are also directly covered.
Cybersecurity, also known as computer security or information technology security, is a critical domain focused on protecting computer systems and networks from cyber-attacks. These attacks can lead to information disclosure, theft, or damage to hardware, software, and electronic data.
Cyber-Attack Landscape in India:
As of Q1 2023, India has witnessed a sharp increase of over 29% in the number of cyberattacks compared to Q4 2022, with more than 500 million cyberattacks blocked in India out of 1 billion global attacks
Current Legal Framework:
Surprisingly, despite the escalating cyber threats, India currently lacks a dedicated cybersecurity law. The absence of such legislation raises concerns about the legal and regulatory mechanisms in place to address and mitigate cyber risks.
The Role of CERT-In:
The Indian Computer Emergency Response Team (CERT-In), established in 2004, operates under the Ministry of Electronics and Information Technology. Serving as the national nodal agency for cybersecurity, CERT-In plays a pivotal role in defending the Indian Internet domain against cyber threats.
Functions of CERT-In in Cybersecurity:
- Information Collection and Analysis: CERT-In collects, analyzes, and disseminates information on cyber incidents, staying vigilant to emerging threats.
- Forecasting and Alerts: The agency issues forecasts and alerts regarding potential cybersecurity incidents, aiding in proactive risk management.
- Emergency Response Measures: In the event of a cyber security incident, CERT-In formulates and executes emergency measures to contain and address the situation promptly.
- Coordination of Response Activities: CERT-In acts as a central coordination hub for cyber incident response activities, ensuring a unified and effective response.
- Guidelines and Advisories: The agency proactively issues guidelines and advisories related to information security practices, procedures, and prevention strategies to enhance overall cyber resilience.
Q.1 With reference to the statements above, consider the following:
- The RTI Act includes exemptions for information related to defense, national security, or personal details.
- The RTI Act also covers private bodies owned, controlled, or substantially financed by the government.
Which of the statements given above is/are correct?
(a) 1 only
(b) 2 only
(c) Both 1 and 2
(d) Neither 1 nor 2
Q.2 The recent decision to exempt the Indian Computer Emergency Response Team (CERT-In) from the purview of the Right to Information Act, 2005 has sparked discussions on the balance between transparency and national security. Analyze the implications of this decision, considering the key provisions of the RTI Act and its role in promoting transparency and accountability in government functioning.