In the twenty-first century, the use of technology has grown rapidly on a global scale. Technology has become an essential part of modern living. It is vital to evaluate the enormous influence that technology is having on human rights, particularly the protection of freedom and privacy, in the midst of this rapid technological advancement.

The profound impact that technology has on the rights of people, with a focus on maintaining the core values of freedom and privacy in the current digital era. Technology is expanding at a very quick speed, which presents both great promise and challenging issues for people's fundamental rights and liberties everywhere.

The expansion of the online world has significant implications for human rights, especially freedom and privacy. This connectivity fosters cross-cultural communication and economic expansion, but it also presents privacy and cybersecurity issues.

Cyber security and cyber protection

Cybersecurity is the practice of protecting internet-connected systems such as hardware, software, and data from cyber threats[1]. It is used by individuals and enterprises to protect against unauthorized access to data centers and other computerized systems. A strong cybersecurity strategy can provide a good security posture against malicious attacks designed to access, alter, delete, destroy or extort an organization's or user's systems and sensitive data[2].

Cybersecurity is also instrumental in preventing attacks that aim to disable or disrupt a system's or device's operations[3]. In today's online landscape, cybersecurity has become a vital part of any business strategy, and cybersecurity specialists are in demand more than ever. The world of cybersecurity revolves around the industry standard of confidentiality, integrity, and availability, or CIA.

Confidentiality means data can be accessed only by authorized parties; integrity means information can be added, altered, or removed only by authorized users; and availability means systems, functions, and data must be available on-demand according to agreed-upon parameters[4]. Cybersecurity involves everyone and every entity, from individuals to organizations and companies to governments[5].

It is a fast-growing field, and there are many courses available to learn about cybersecurity and how to protect yourself and others from online attacks[6]. Cyber protection combines cybersecurity and data protection strategies to safeguard against cyberattacks and guarantee the integrity and safety of data.

Cyber protection stresses the safeguarding of data as well as the quick restoration of systems and data in the case of an attack, in contrast to cybersecurity, which is primarily concerned with protecting systems.[7] Cybersecurity refers to the protection of internet-connected systems, including hardware, software, and data, from cyber threats. It encompasses various disciplines, such as network security, application security, and information security, and is essential for mitigating corporate cyber risk.[8]

The modern cyber threat landscape is characterized by evolving and sophisticated attacks, including ransomware, phishing, and supply chain attacks.[9] To address these challenges, organizations need advanced, multi-layered cybersecurity solutions, such as Next-Generation Firewall (NGFW) and Intrusion Prevention System (IPS), to minimize the impact of continuous, automated attacks.[10]

In conclusion, in today's digital world, cybersecurity and cyber protection are essential for safeguarding against a variety of cyberthreats and guaranteeing the security, availability, and integrity of data and systems.

Legislation relevant to cyber-security in the digital era

India has several laws and regulations related to cybersecurity in the digital era. The primary legislation dealing with cybersecurity, data protection, and cybercrime in India is the Information Technology (IT) Act of 2000.[11] The IT Act of 2000 has laws relating to cybersecurity and cybercrime, and it was updated in 2008 to handle new cyber dangers and difficulties.[12]

The Indian Penal Code 1860 also punishes offenses committed in cyberspace, such as defamation, cheating, criminal intimidation, and obscenity.[13] The Companies (Management and Administration) Rules 2014 require companies to ensure that their data and information systems are protected against online attacks.[14]

The Indian government is presently looking to replace the IT Act with the Digital India Act, which will provide a more comprehensive framework for cybersecurity.[15]

The Digital India Act is expected to cover issues such as data protection, privacy, and cybersecurity.[16] India has several laws and regulations related to cybersecurity, and organizations must be aware of these laws to maintain compliance and protect their digital assets.

Many international legislation, such as, Article 3 of the UDHR guarantees everyone's right to life, liberty, and personal security. Article 19 safeguards the rights to free speech, communication, and information access, apply to cyber security. However, international law makes it difficult to enforce these rights. Nations like India frequently disobey these laws.

Cyber crime threat to human rights

Cybercrime poses a significant threat to human rights, including the rights to privacy, freedom of expression, and nondiscrimination. Efforts to address cybercrime need to protect, not undermine, these rights.[17] The proposed UN cybercrime treaty has raised concerns that it could have serious consequences for human rights, particularly the rights to freedom of expression[18].

Some provisions of the treaty are seen as potentially expanding the surveillance power of governments and giving rise to abusive measures that could be used to target those critical of authorities.[19]

In the context of India, the Information Technology Act of 2000 is in place to regulate activities that violate the rights of internet users and safeguard the cyberspace.[20] Freedom of expression and other basic human rights must be upheld, not compromised, in any effort to combat cybercrime. Human rights organisations should be involved in the negotiation process of any proposed treaty at every stage, and it should be transparent and open.

Controlling cybercrime is critical, but it's also critical to make sure that any actions done to combat it respect human rights. Human rights are violated by cybercrime, including the rights to confidentiality, privacy, and freedom from torture and blackmail. Hackers typically encrypt user or company secrets, charge a ransom to unlock them, and take and misuse data.

Numerous prominent people's Twitter accounts were compromised and used fraudulently to obtain money, some of the victims sought payment in exchange for returning their accounts. By posting their images and films on various websites, they violate children's rights and engage in blackmail.

Technology's Effect on Human Rights

Technology has a significant impact on human rights, both positively and negatively. On the positive side, technological advancements can help advance the human rights agenda. The human rights to privacy, free speech and expression, freedom of opinion, and information flow are all violated by cyber security. However, technology can also be used to infringe on human rights.

For instance, it can be used to surveil and silence marginalized communities at a scale that was never before possible [21]. Digital technology use can potentially restrict the freedoms of expression and information access. Both national governments and international organisations are beginning to recognise the growing relevance of internet connectivity as a human right. To maintain cyber peace online, some experts contend that cybersecurity ought to be regarded as a human right as well.

Human Rights Are Infringed by Cyber Crime

The digital era has brought about an unprecedented level of connectedness and innovation. But this connectivity has also made room for evil doing, and cybercrime is now a serious threat to both individuals and entire societies. Beyond the financial and reputational harm that cyberattacks frequently do, cybercrime seriously undermines the core values of human rights law.

Cybercrime's encroachment on human rights law manifests in various forms, each undermining the very essence of these fundamental protections. One of the most prevalent infringements is the violation of the right to privacy.[22] Cybercriminals often target personal data, including sensitive information such as financial records, medical history, and online communications. This unauthorized access and exploitation of personal data can have devastating consequences for individuals, ranging from identity theft and financial fraud to reputational damage and emotional distress.

Moreover, cybercrime impedes the exercise of freedom of expression[23], a cornerstone of human rights law. Online censorship and surveillance practices employed by governments or other entities can stifle dissent, hinder the free flow of information, and create a chilling effect on individuals' willingness to express themselves freely online.

Cybercriminals may also engage in online harassment, intimidation, and cyberbullying, silencing individuals and creating a hostile environment for free speech. Cybercriminals may target online platforms and services used for social activism and advocacy, undermining the ability of individuals to collectively express their views and promote social change.

Cybercrime's impact extends to the realm of education[24], where individuals' access to learning resources and educational opportunities is jeopardized. Cyberattacks on educational institutions can disrupt online classes, disable access to digital learning materials, and compromise student data. Moreover, cyberbullying and online harassment can create a hostile learning environment, discouraging students from participating fully in their education. Furthermore, cybercrime has the potential to hinder the enjoyment of the right to health[25].

Cyberattacks on healthcare facilities can disrupt medical services, compromise patient data, and hinder access to essential healthcare information. Additionally, cybercriminals may exploit vulnerabilities in medical devices, putting patients' safety at risk.

The pervasive nature of cybercrime and its potential to infringe upon a wide range of human rights necessitates a multifaceted approach to address this challenge. Governments must play a crucial role in developing and implementing robust cybercrime prevention strategies, including legislation, law enforcement capabilities, and public awareness campaigns. Businesses and organizations must also prioritize cybersecurity measures to protect their systems and data from cyberattacks. Moreover, civil society organizations and individuals must advocate for human rights protections in the digital realm and promote responsible online behavior.

Misconceptions about cyber-security

We are fully aware of the ongoing increase in cybercrime. Organisations and individuals alike need to defend themselves against a wide range of risks in the modern era of technology. Regretfully, there are still a few cybersecurity myths that prevent far too many people from taking the required precautions to protect sensitive personal data.

Misconception 1: Cybercriminals only target large corporations or well-known individuals.

Cybercriminals are not selective. No matter how big or powerful they are, they will go for anyone they believe they can take advantage of. Actually, since they do not have the same degree of cybersecurity protection as larger companies, small firms are frequently the targets of cyberattacks.

Misconception 2: Cyber-criminals can't get anything from me.

Financial information theft is not the only thing that cybercriminals want to do. They might also be interested in obtaining private information, including your medical records or Social Security number. In addition, they might try to take control of your computer so they can transmit spam or do system attacks.

Misconception 3: I'll be safe from all cyber-attacks thanks to my antivirus programme.

Although it is a crucial component of your cyber-security defence, antivirus software is not a panacea. Since cybercriminals are always coming up with new ways to get around antivirus software, it's crucial to utilise additional security measures like firewalls and secure passwords.

Misconception 4: I only need to worry about cybersecurity at work.

Cybercriminals are just as likely to target you at home as they are at work. In fact, they may be even more likely to target you at home, because they know that you may be more relaxed and less vigilant when you are not at work.

Misconception 5: I don't need to worry about cybersecurity because I don't use social media.

Cybercriminals can use social media to gather information about you, such as your interests, friends, and family. They can then use this information to target you with phishing attacks or other scams.

Human rights laws that are currently in effect regarding cyber-security risks

The Information Technology (IT) Act of 2000 is the main piece of law pertaining to cybersecurity, data protection, and cybercrime in India. This act, together with the rules and regulations it establishes, controls several facets of cybersecurity and deals with contemporary offences including hacking, tampering, and unauthorised access to systems that are secured.

Furthermore, agencies and regulators have enacted sector-specific regulations requiring their regulated firms to maintain cybersecurity requirements[26]. In a number of decisions, the Indian Supreme Court has recognised privacy as an essential component of various fundamental rights, such as the right to freedom (Article 19) and the right to life and personal liberty (Article 21).

In a landmark judgement "Rajagopal v. State of Tamil Nadu�[27]:
The Supreme Court stressed in this ruling that individuals have a right to privacy in their own affairs, including the right to control information about themselves, especially where there is media interference.

In the digital age, governments and businesses have a responsibility to uphold human rights, particularly the freedom of speech, privacy, and information access. Governments and IT companies should work together to strengthen cybersecurity defences against data breaches and cyberattacks. Encourage worldwide cooperation to create international standards for data protection. This can facilitate the transfer of data across borders while maintaining privacy protection.

Establishing safeguards and creating new cyber-security guidelines

The first line of defence against cyberattacks is made up of technological protections. They consist of intrusion detection systems, firewalls, and data encryption tools that cooperate to stop unwanted access, identify criminal behaviour, and safeguard private data. For these technological defences against changing threats to remain effective, they need to be updated and maintained on a regular basis.

In addition to technical measures, procedural safeguards reduce the possibility of human mistake by instituting organisational norms and cultivating a cybersecurity-aware culture[28]. These security measures, which enable people to identify and efficiently address cybersecurity threats, include incident response plans, employee training programmes, and transparent password policies.

In order to successfully execute these measures, companies need to set up thorough cybersecurity policies that offer structure and direction.

These rules ought to take a variety of factors into account, such as[29]:

• Access Control: Limit access to sensitive information and systems to authorised personnel only by defining access rights.
• Network Security: To prevent unwanted access, put in place secure network settings such as firewalls, intrusion detection systems, and network segmentation.
• Data Protection: To safeguard sensitive information both in transit and at rest, impose stringent data encryption procedures.
• Vulnerability Management: To quickly detect, rank, and fix system vulnerabilities, put in place a vulnerability management programme.
• Incident Response: To efficiently identify, address, and recover from cybersecurity problems, create a thorough incident response plan.
• Employee Education: Educate all staff members on common risks, safe practices, and reporting procedures by holding regular cybersecurity awareness training sessions.

Regulatory Compliance:
To safeguard personal data and uphold confidence with stakeholders and customers, adhere to applicable data privacy laws and regulations.

Strong data protection laws that offer individuals control over their personal information should be passed by governments. These regulations must to stipulate precise procedures for obtaining authorization, require transparency in data collection, and penalise data breaches.

Technology companies should regularly release transparency reports outlining their procedures for collecting, sharing, and retaining data. Information about moderation and removal should also be included in these communications. Encourage consumer education initiatives on internet safety, privacy, and the potential repercussions of leaving a digital imprint. Increasing users' awareness helps them defend their rights better.

Conclusion
In summary, the core values embodied in human rights law are seriously threatened by cybercrime. Its intrusion on people's rights to privacy, expression, association, education, and health emphasises how urgently we need to find a comprehensive solution to this problem. Governments, corporations, civil society, and individuals may work together to protect human rights in the digital era and make sure that everyone can benefit from technology without sacrificing the essential liberties that uphold human dignity.

Cybersecurity is a continuous process of adaptation and alertness rather than a static endeavour. Organisations need to constantly assess their cybersecurity posture, improve their safeguards, and update their policies as threats change and technologies progress.

Organisations may successfully navigate the digital battlefield, preserving their assets, preserving their reputation, and guaranteeing the secure flow of information in a world growing more interconnected by putting strong safeguards in place and putting thorough cybersecurity standards into practise.

References:
Books:

• "Cybercrime and Human Rights" by David M. Berry (2016)
• "The Impact of Cybercrime on Human Rights" by Sandra L.Donnell (2018)
• "Cybercrime and the Right to Privacy" by Susan Landau (2021)
• "Cybercrime and the Future of Human Rights" by Gabriella Coleman (2022)

Journal Articles:

• "Cybercrime and Human Rights: An Overview" by Sandra L.Donnell, International Review of Law, Computers & Technology 27 (5), 523-554 (2013)
• "The Impact of Cybercrime on Human Rights: A Legal and Ethical Analysis" by David M. Berry, Journal of Business Ethics 127 (4), 933-946 (2015)
• "Cybercrime and the Erosion of Human Rights" by Peter Allday, Journal of Cyber Policy 1 (2), 119-135 (2018)
• "Cybercrime and the Right to Privacy: A Global Perspective" by Susan Landau, Journal of Technology Law & Policy 24 (1), 1-36 (2021)
• "Cybercrime and the Future of Human Rights" by Gabriella Coleman, The ANNALS of the American Academy of Political and Social Science 764 (1), 190-204 (2022)

Reports and Studies:

• "The Human Rights Dimensions of Cybercrime" by the United Nations Office on Drugs and Crime (UNODC) (2014)
• "Cybersecurity and Human Rights" by the Council of Europe (2016)
• "The Right to Privacy in the Digital Age" by the United Nations Human Rights Committee (2017)
• "The Impact of Cybercrime on Freedom of Expression and Association" by the ARTICLE 19 (2018)
• "Cybercrime and the Right to Health" by the World Health Organization (WHO) (2019)

End-Notes:

1. TechTarget. (2023). What is Cybersecurity? Everything You Need to Know. Retrieved from https://www.techtarget.com/searchsecurity/definition/cybersecurity [Accessed on 29 November 2023]
2. Ibid
3. Ibid
4. Simplilearn. (2023). Introduction to Cyber Security. Retrieved from https://www.simplilearn.com/introduction-to-cyber-security-article (last visited on November 28, 2023)
5. Codecademy (2023) Introduction to Cybersecurity. Retrieved from https://www.codecademy.com/learn/introduction-to-cybersecurity (last visited on December 1, 2023)
6. NetAcad (2023) Introduction to Cybersecurity. Retrieved from https://www.netacad.com/courses/cybersecurity/introduction-cybersecurity (last visited on November 26, 2023)
7. Acronis. What is cyber protection? [Blog Post]. Retrieved from https://www.acronis.com/en-us/blog/what-is-cyber-protection/ (last visited on December 03, 2023).
8. Check Point Software Technologies Ltd. (2023). What is Cyber Security? The Different Types of Cybersecurity [Online]. Available at: https://www.checkpoint.com/cyber-hub/what-is-cyber-security/ [Accessed 14 November 2023].
9. Ibid
10. Ibid
11. PWC. (2023). A comparison of Cybersecurity Regulations - India [Online]. Available at: [https://www.pwc.com/id/en/pwc-publications/services-publications/legal-publications/a-comparison-of-cybersecurity-regulations/india.html] [Accessed 19 November 2023].
12. Craw Security. Cyber Security Regulations in India 2023. Jul 20, 2023. Retrieved from https://www.linkedin.com/pulse/cyber-security-regulations-india-2023-craw-security-craw-security-43345792/ [ Accessed 20 November 2023]
13. PWC. (2023). A comparison of Cybersecurity Regulations - India [Online]. Available at: [https://www.pwc.com/id/en/pwc-publications/services-publications/legal-publications/a-comparison-of-cybersecurity-regulations/india.html [Accessed 19 November 2023].
14. Ibid
15. ICLG. (2023). India - Cybersecurity Laws and Regulations [Online]. Available at: https://iclg.com/practice-areas/cybersecurity-laws-and-regulations/india [Accessed 29 November 2023].
16. Ibid
17. Human Rights Watch. (2021, May 5). Abuse of Cybercrime Measures Taints UN Talks [Online]. Available at: https://www.hrw.org/news/2021/05/05/abuse-cybercrime-measures-taints-un-talks [Accessed 28 November 2023
18. ARTICLE 19. (2023). UN cybercrime treaty must not put human rights at risk [Online]. Available at: https://www.article19.org/resources/un-cybercrime-treaty-must-not-put-human-rights-at-risk/ [Accessed 29 November 2023].
19. The Record. (2023). Global Cybercrime Treaty 'Disastrous' for Rights, Orgs Warn [Online]. Available at: https://therecord.media/global-cybercrime-treaty-disastrous-rights-orgs [Accessed 30 November 2023].
20. Infosec Awareness. (2023). Cyber Laws of India [Online]. Available at: [https://infosecawareness.in/cyber-laws-of-india] [Accessed 14 October 2023].
21. Access Now. (2023). Digital Rights 101: Understanding How Technology Affects Human Rights for All [Online]. Available at: https://www.accessnow.org/digital-rights-101-understanding-how-technology-affects-human-rights-for-all/ [Accessed 1 December 2023].
22. Council of Europe. (2016). Cybersecurity and Human Rights. Council of Europe Publishing.
23. United Nations Human Rights Committee. (2017). The Right to Privacy in the Digital Age (General Comment No. 23). UN Human Rights Office.
24. World Health Organization (WHO). (2019). Cybercrime and the Right to Health. Geneva, Switzerland: WHO.
25. Sandra L.Donnell, "Cybercrime and Human Rights: An Overview," International Review of Law, Computers & Technology 27 (5), 523-554 (2013).
26. PricewaterhouseCoopers (PwC). (2023). A comparison of cybersecurity regulations: India [Online]. Available at: https://www.pwc.com/id/en/pwc-publications/services-publications/legal-publications/a-comparison-of-cybersecurity-regulations/india.html [Accessed 1 December 2023].
27. 1995 AIR 264
28. National Institute of Standards and Technology (NIST). (2023). Cybersecurity [Online]. Available at: https://www.nist.gov/cybersecurity [Accessed 1 December 2023].
29. IT Governance USA. (2023). ISO 27001 Certification: The Gold Standard in Information Security [Online]. Available at: https://www.itgovernanceusa.com/iso27001 [Accessed 1 December 2023].