Posted inArbitration Corporate Law

Cyber Conflict Resolution – Addressing Data Breaches And Digital Rights Disputes

Cyber Conflict Resolution – Addressing Data Breaches And Digital Rights Disputes

In 2023, India ranked as the fifth most affected country by data breaches, with over 5.3 million accounts compromised. The financial loss is also shockingly high. The  mean cost per breach in India has increased by 28% since 2020 to $2.18 million in 2023. By mid-2024, the average cost of breaches had risen another 9%, or ₹19.5 crore, from last year. Statistics up to now point out the growing persistence of cyber threats to one of the world’s biggest digital domains.

India has embraced digital technologies with such rapidity, becoming the world’s largest hub for e-commerce, financial technology, and information technology services. However, it has become simultaneously vulnerable to cyber-attacks. This article explores whether ADR procedures, such as mediation, conciliation, or arbitration, can assist in resolving the issue of data breaches and cyber rights with a focus on India’s peculiar cybersecurity situation.[1]

Understanding Cyber Conflicts

Cybercrimes include illegal acts with computers and data. They fuel cyber conflicts, and most cyber conflicts arise due to breaches of digital privacy, data breaches, and intellectual property theft.

  • Data Breach: Digital privacy disputes include cases where someone else accesses, uses, or shares a person’s data without his or her permission. Some examples include malware, website defacement, and cyberstalking.
  • Theft of Intellectual Property: This includes piracy of movies, software, and other digital products. It may also involve theft of trade secrets, patents, and copyrights.
  • Digital Rights Disputes: The conflicts arising from the ownership, control, and use of digital content, platforms, and personal data in the online space. With the growing role of the internet in communication, commerce, and entertainment, these disputes span various issues, including intellectual property violations, privacy concerns, content censorship, and online access rights. As digital interactions often cross borders, these disputes can be complex and difficult to resolve through traditional legal systems. Cyber dispute resolution offers a specialized approach to resolving these conflicts, utilizing methods like alternative dispute resolution (ADR), online dispute resolution (ODR), and platform-specific mechanisms, which are often more efficient and suited to the global nature of digital disputes.[2]
  • Digital Privacy Rights Violation: The breach of sensitivity is when unauthorized people access sensitive information. Some examples are hacking systems, theft of financial information, and theft of confidential data.[3]

Legal Landscape Governing Cyber Disputes

The laws for resolving cyber disputes in India are provided by the Bhartiya Nyaya Sanhita (BNS) and the Information Technology Act, 2000 (IT Act). Collectively, these laws form an effective strategy to counter different cybercrimes, make offenders accountable, and provide recourse to the victims.

Information Technology Act, 2000 (IT Act)

The IT Act constitutes the primary legislation guiding cybercrime regulation in India. Some key provisions include:

  • Section 43: This provision serves as a cornerstone in India’s cyber law framework, it addresses unauthorized access, data theft, malware introduction, system disruption, and tampering with computer resources. It imposes civil liability on offenders, requiring them to compensate affected individuals or entities for damages caused. By defining key terms like “computer contaminant” and “computer virus,” it provides clarity for combating cybercrimes such as hacking, ransomware attacks, and data breaches. This section plays a pivotal role in safeguarding digital infrastructure, ensuring accountability, and promoting cybersecurity awareness in an increasingly digital world.
  • Section 65: This provision emphasises tampering with computer source documents and criminalizes the intentional or knowing act of concealing, destroying, or altering computer source code that is legally required to be maintained. This includes any program, command, or design element critical for operating a computer, system, or network. Such tampering, which may obstruct investigations or disrupt systems, is punishable by up to three years of imprisonment, afine up to ₹2,00,000, or both. This provision ensures the integrity and accountability of digital systems, emphasizing the legal obligation to preserve essential source codes, particularly in regulatory, corporate, and governmental frameworks.[4]

Bhartiya Nyaya Sanhita (BNS)

BNS states specific provisions for cyber disputes as follows:

  • Section 303: It criminalizes cybercrime involving theft, such as data theft or unauthorized access to digital property.
  • Section 314: It covers dishonest misappropriation of digital data, which could be six months up to two years of imprisonment.
  • Section 318: This covers cheating committed by any person through fraudulent activity online like that of phishing, up to seven years of imprisonment.[5]

The conjoint framework of IT Act and BNS takes up an extensive range of cybercrimes, including hacking, distribution of malware, denial-of-service attacks, cyberstalking and online financial fraud. These laws provide adequate mechanisms for combating emerging threats in cyberspace.

The Role of ADR in Cyber Conflict Resolution

Alternative Dispute Resolution (ADR) techniques are well suited to remain central to the management and resolution of cyber conflicts because, intrinsically, they demonstrate flexibility, efficiency, and the potential for accommodation of the special challenges posed by cyberspace.  Techniques like: –

  • Mediation, where independent intermediaries facilitate discussion between parties is quite helpful in the sphere of cybersecurity disputes in making cooperation easier and open communication.
  • Arbitration is more formalized in its application and leads to binding judgments and, therefore, applies to complex and technical disputes. Having lesser procedural impediments than litigation, the arbitral process ensures faster resolutions.
  • Negotiation, often the first step, allows the parties to directly discuss their grievances and seek creative mutually beneficial solutions, such as compensation or the providing of enhanced security measures. These approaches combine to foster proactive communication and dissuade future disputes[6]. These mechanisms of ADR ensure:

Advantages of ADR in Resolving Cyber Disputes

  • Reduced Conflict Resolution Time: Because cyber conflicts are inherently dynamic, ADR approaches, such as mediation and arbitration, afford remedies more quickly than drawn-out court action.
  • Cross-Border Dispute Resolution: Generally, parties to cyber disputes hail from different jurisdictions. ADR, particularly international arbitration, provides a neutral forum for resolving the disputes with recourse to the procedural complexities of domestic legal systems.
  • Confidentiality: Cyber disputes often deal with sensitive data or intellectual property. ADR ensures confidentiality, and therefore, protects parties from reputational damage and safeguards proprietary information.
  • Preserving Relationship: Mediation and negotiation, being considered non-adversarial approaches, give major importance to their application in conflicts involving commercial organizations or global partnerships.

Online Dispute Resolution (ODR): AI-Driven Platforms

Consequently, AI-powered ODRs alter the very process of online regulation: automated procedures, data-informed solutions, and staying neutral[7]. These plans enhance access, lowering the cost of service and providing real-time collaboration tools for secure communication and evidence exchange. Especially, this strategy has the advantage of handling cross-border disputes as AI ensures consistent, unbiased, and scalable solutions to digitalized cases.

Challenges in Resolving Cyber Conflicts Through ADR

  • Lack of Competency: ADR for cyber conflicts calls for qualified mediators and arbitrators with rich technical competence as well as awareness of cyber laws, a resource usually scarce.
  • Enforceability: A more significant challenge in implementing the ADR outcome internationally is the lack of binding agreements or harmonized frameworks[8] between nations.
  • Power imbalance: Disputes between tech giants and individual users require mechanisms to ensure fairness, as resource asymmetry often disadvantages smaller parties.

International Cyber Conflicts: Weaknesses and Challenges in Tackling

  • Jurisdictional Opacity: Cyber offences present a borderless face that confuses applicable laws and mechanisms of enforcement since attackers take advantage of the different national legal systems.
  • Outdated Legal Structures: Existing laws mostly fail to respond to emerging threats such as ransomware, which people procure using cryptocurrencies, and state-sponsored cyberattacks.
  • Lack of Co-Operative International Institutions: The non-establishment of standard and uniform international forums[9] for cyber dispute resolution is one that still constrains cross-border cooperation, with the Budapest Convention scoring only half marks in global participation.

Future of Cyber Conflict Resolution 

The future of cyber conflict resolution lies in the integration of technology-driven ADR mechanisms[10], such as blockchain for transparent arbitration records and AI for mediating and analyzing disputes, which enhance access to justice by making processes faster, more inclusive, and more efficient. Online complexities can be managed in specialized mediation centers and arbitration courts and this is enabled by unified international frameworks working toward smooth cross-border resolutions.

Conclusion

The rapidly growing digital scene in India has ushered in heavy challenges in addressing the cyber conflict, especially those related to data breaches and disputes on digital rights. As the scale and complexity of cyber threats escalate, ADR mechanisms remain a flexible, efficient, and specialized framework for resolving such disputes. By tapping into tools like AI-driven ODR, blockchain, and cross-border frameworks with specialized cyber mediation forums, ADR can guarantee faster, transparent, and inclusive processes that make access to justice a greater reality.

[1] https://economictimes.indiatimes.com/tech/technology/data-breach-average-cost-touches-all-time-high-in-fy24-ibm-report/articleshow/112160790.cms?from=mdr

[2] https://www.wipo.int/amc/en/center/copyright/digitalcopyright/index.html

[3]https://www.um.edu.mt/library/oar/bitstream/123456789/38298/1/Cyberattacks_and_Cyber_Conflict_Where_is_%20conflict_resolution_2018.pdf

[4] https://www.indiacode.nic.in/bitstream/123456789/1999/1/A2000-21%20%281%29.pdf

[5] https://www.indiacode.nic.in/bitstream/123456789/20062/1/a2023-45.pdf

[6]https://www.researchgate.net/publication/385224762_Resolving_cybersecurity_disputes_and_protecting_digital_infrastructure_With_ADR

[7] https://www.umass.edu/legal/articles/uconn.html

[8]https://www.researchgate.net/publication/385224762_Resolving_cybersecurity_disputes_and_protecting_digital_infrastructure_With_ADR

[9]https://www.researchgate.net/publication/385224762_Resolving_cybersecurity_disputes_and_protecting_digital_infrastructure_With_ADR

[10] https://ciiblog.in/reshaping-the-future-of-adr-in-india-through-integration-of-technology-and-institutional-arbitration/

Author: Paarth Miglani, 2nd Year Law Student at National Law University, Sonepat, Haryana

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *