Pavan Duggal on Important Global Cyberlaw Trends In 2017




(This is the first part of the three part series of the articles written by Pavan Duggal, internationally renowned expert and authority on Cyberlaw, as he embarks on his annual review of Important International Cyberlaw Events in 2017)

Cyberlaw as a discipline is constantly evolving. Each year, the world sees new legal developments, which in their own manner, contribute to the evolving cyber legal jurisprudence. 2017 saw some remarkable cyberlaw advances taking place, at the international level.

2017 was the year that was marked by the significant legal developments in Cyber Security. Cyber Security became one of the key important parameters for various stakeholders across the world. No wonder, different Countries increasingly started looking in the direction of regulating activities concerning Cyber Security in the digital and mobile ecosystem.

China in the year 2017 came up with implementing its landmark National Cyber Security Law. This Law was potentially one of the most comprehensive pieces of legislations concerning Cyber Security that got implemented across the world. The said law was further significant as it gave a very wide legal definition of Cyber Security. Cyber Security has been defined to refer to the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. The said law further defined various rights, duties and obligations of various stakeholders.

Of particular relevance was the wide ranging applicability of the said Law. As per the said Law, the new Chinese Cyber Security Law became applicable not just to the entire of  China but even beyond China’s territorial boundaries. Another significant relevance of the Chinese legal approach on cyber security was the unique focus on the concept of cyber sovereignty. China came up with a very elaborate, comprehensive and constantly expanding scope of cyber sovereignty. It further upheld and underlined the basic premise that cyber sovereignty has to be an important pillar for national decisions making and for Nation Governments and hence the same has to take precedence over other conflicting international arrangements.

The year also belonged to China in the manner in which it not just went ahead and implemented its Cyber Security Law but also effectively even fined three internet giants for non-compliances the law, leaving no doubt in people’s minds that China would ensure the complete implementation of its Cyber Security Law. Various new sub-rules, and regulations are in the process or being discussed. However, this legislation has demonstrated to the World the irreversible nature of how Cyber Security law will continue to evolve in the coming times.

The growth of Cyber Security Law got further boost in other countries, as different countries increasingly started getting focused on regulating Cyber Security. Singapore came up with its draft National Cyber Security Bill for public comments. The Singapore approach was trying to adopt the good relevant features of various other legislations. By putting up its draft cyber security bill for public comment and receiving various comments, Singapore has shown that it wants to basically incorporate all the salient features of good legislative rule making in its Cyber Security Law. At the time of writing, various other Countries are in the process of discussing, drafting and negotiating new National Cyber Security Laws.

The year 2017 was without doubt the definitive year, when the law on Cyber Security started emerging as an important component of Cyberlaw jurisprudence.

The year 2017 saw more countries engaging in bilateral cyber security cooperation agreements. Countries have begun to start realizing that they cannot keep on waiting endlessly for an International Cyberlaw framework to be in place and hence, countries have started to look at negotiating bilateral cyber cooperation agreements which are a form of soft legislations, all aimed at further expanding the scope of Cyberlaw jurisprudence.

Different countries engaged in different levels of activities pertaining to bilateral arrangements. These bilateral arrangements need to be viewed as one step forward in the evolving Cyberlaw jurisprudence. However, the fact remains that there are intrinsic shortcomings of bilateral arrangements. Cyberspace and the internet are global paradigms and global phenomenon and hence the challenges emerging from global phenomenon cannot be hoped to be addressed by bilateral cyber cooperation agreements.

It is interesting to note that while different countries are engaging in bilateral cooperation agreements, there is no mechanism to find out as to how much cooperation was actually happening. It appears that countries across the world are increasingly getting clear on one broad theme. Countries across the world are increasingly wanting to expand the scope of national security and national sovereignty to include huge chunks of cyber sovereignty therein and at the same time, countries also feel that they need to work together towards bilateral Cyber Security cooperation agreements.

It is also interesting to note that a large number of these bilateral arrangements specifically provide that if any incident, information or event relates to the national security of one country, then the said information will not be shared with the other negotiating country. I have always welcomed the concept of bilateral cyber cooperation agreements, but I have been wary of the shortcomings that emerge therefrom. Countries need to increasingly realize that they cannot put their entire eggs into the bilateral Cyber Security cooperation basket, but increasingly need to diversify their thought processes. Countries need to very quickly start negotiating for an International Cyberlaw framework in place.

The year 2017 further saw, the world suddenly waking up to a new looming challenge on the horizon being the General Data Protection Regulation(GDPR) of European Parliament, the Council of the European Union and the European Commission, which is supposed to come into effect from May, 2018. The stakeholders increasingly in the year 2017 woke up to the existence, impact and ramifications of the forthcoming GDPR. Though, the GDPR is primarily a European legal instrument which is aimed the data protection, it does however, categorically stipulate that non compliance with its provisions could  attract severe penalties of up to 4% of worldwide turnover. This is a very significant provision and increasingly companies and different stakeholders in different parts of the World have started worrying and have started concentrating their energies on how their operations could be seen to be compliant with the GDPR regime which comes into effect from 25th May, 2018. 

All said and done, the year 2017 was an interesting year as far as growth of International Cyberlaw jurisprudence was concerned as jurisprudence started evolving  in different directions. In 2017, the further evolution and development of Cyberlaw jurisprudence was shaped by newly emerging ground realities.

There are numerous other important cyberlaw developments that took place globally in the year 2017. My next article will seek to examine other important cyber legal events that engaged the attention of the world in the year 2017.

The Author Pavan Duggal, Advocate, Supreme Court of India, Internationally acclaimed Authority and Expert on Cyberlaw and Cyber Security Law, Chairman of the International Commission on Cyber Security Law and President of Cyberlaws.Net can be reached at his email address: – and More about Pavan Duggal is available at

Download Important Global Cyberlaw Trends In 2017-Part 1



(This is the Second Part Of The Three Part Series Of The Articles Written By Pavan Duggal, Internationally Renowned Expert And Authority On Cyberlaw, As He Embarks On His Annual Review Of Important International Cyberlaw Events In 2017)

The year 2017 was yet another momentous year in the history of mankind. This year showed increased adoption of internet by those sections of the world population who had erstwhile not been using the internet. Not just the world population grew, but also the total number of internet users increased at a very impressive pace.

The year 2017 was also the year of hope. Different initiatives were started for the purposes of fighting against the bad guys in cyberspace. Different cybersecurity professionals started gathering together to come up with their own practical real time approaches to deal with cybersecurity breaches, thus adding a common man’s contribution to the evolving cyberlaw jurisprudence across the World.

Another important trend of cyberlaw jurisprudence was that cyberlaw frameworks across the World increasingly began to find themselves being inadequate or insufficient to deal with newly emerging cyber crimes. Cybercrime grew at a very rapid pace. New kinds of Cybercrimes have emerged which have not ever been envisaged, predicted nor covered under the existing national laws. Cybercriminals have increasingly begun to demonstrate inadequacy of existing national cyberlaw frameworks by coming up with more innovative cyber criminal activities.

This is hardly surprising given the fact that Cybercrime continues to grow at a very rapid pace, with the global cost of cybercrime expected to cross 6 Trillion Dollars by 2021. The year 2017 saw substantial increase in Cybercrime development and enhancement of cybercrimes as a paradigm.

The year 2017 also saw a distinct new trend where numerous service providers increasingly started bending backwards to comply with national regulations and demands for data sought by different national governments for protecting national interest and for fighting cybercrime.

The year 2017 was also the year when law makers became increasingly concerned with how to regulate the use of encryption and related technologies that are increasingly now being used on the internet by numerous stakeholders to hide not just their identities but also their digital footprints. Different countries are faced with the ethical dilemma of how much to regulate the use of encryption and to what levels.

Countries soon began to start realizing that their national cyber legal frameworks need to be beefed up so as to deal with the newly emerging challenges of cyber terrorism and cyber radicalization.

The year 2017 also saw investigations being launched in the US pertaining to hacking of US Elections by Russia. While the investigation is still undergoing, this year demonstrated in crystal clear terms that today the ambit and scope of the vision of cyber crime actors has hugely expanded from just doing Cybercrime activities to causing monetary loss to the victims and monetary gains to themselves. Cyber criminals have now clearly glued their eyes on to new ventures. Hence, impacting and even targeting elections in the year 2017 and with reports emerging of potential tampering complaints of Indian Electronic Voting Machines coming in, the year 2017 increasingly was very clear that cyber criminals increasingly would now, not just be targeting at monetary gains but also elections and even critical information infrastructure.

The year 2017 was also important as different efforts were made to contribute to the evolving jurisprudence of cyberspace. The Global Conference on Cyber Space aimed to further the discussions amongst various stakeholders. The International Conference on Cyberlaw, Cybercrime & Cybersecurity in New Delhi, further identified common minimum parameters which nation states have to keep in mind as they go about legislating their cyber legal frameworks in the year 2017-18 to deal with newly emerging yet topical and current cyberspace challenges.

A large number of countries, who have in place their national cyber laws, continued to face the onslaught of newly emerging technological changes. The propensity of large number of nation governments to argue that their laws are the best in the World and they do not need amendment or constant updation fails logic. Countries need to quickly wake up to the ground reality that laws are always ten steps behind the advances of technologies. Legal frameworks must not only be drafted in very broad general terms but also be constantly adapted and updated so as to deal with emerging new cyber space challenges.

Way back in 2015 at the WSIS forum I had advocated the need for having in place an International Convention on Cyberlaw and Cybersecurity. Well, experts agree on the utility and value of such a convention. However, I have seen very little enthusiasm amongst countries to take any cogent steps in this direction. Negotiating an International Treaty will be a very time consuming process and hence Countries need to look at some common minimum denominators of commonly accepted principles impacting cyberlaw and cybersecurity which can become as initial starting points for moving forward, in the direction of creating an orderly legal order in cyberspace.

The year 2017 continued to be an important year with talks of evolving cyberlaw jurisprudence. The year 2017 laid down the foundations for strong cyber legal jurisprudential development in the year 2018. It will be interesting to see how the year 2018 builds on the various cyberlaw developments at the international level in the year 2018.

The Author Pavan Duggal, Advocate, Supreme Court of India, Internationally acclaimed Authority and Expert on Cyberlaw and Cyber Security Law, Chairman of the International Commission on Cyber Security Law and President of Cyberlaws.Net can be reached at his email address: – and More about Pavan Duggal is available at

Download Important Global Cyberlaw Trends In 2017-Part 2