New Delhi: The government’s move to persuade computer makers to educate buyers about cyber crime is facing resistance by companies apprehensive that the move may raise costs while forcing them to adopt a measure that is of little practical value.
The department of electronics and information technology issued an advisory in January directing vendors to ensure that computer boxes contain a brochure on cyber security measures, among other material.
Companies seem reluctant to do so on the grounds that their supply chains are spread across the globe. The companies contend that opening the imported boxes to insert the brochure could mean new tax levies on the products along with operational costs for the companies.
“We understand the aim of the government to create awareness about cyber security through this measure, but they have to realize that their suggested means of doing so may not be practical for the industry,” said a senior executive at a foreign PC (personal computer) manufacturer who didn’t want to be identified due to the sensitivity of the matter.
The move comes on the back of other government actions that have hurt global PC vendors in the country.
“India has suddenly become a difficult place to work in because of these policy measures for global PC companies which see a lot of potential in this market,” said an executive at one such company. He said the sentiment is shared by other PC vendors and has started cropping up in global board discussions.
The advisory issued to all companies by the government after more than a year of discussions between them calls on vendors to adequately inform consumers about the security risks in form of a list of dos and don’ts.
“It is not mandatory right now as we are giving companies some gestation period,” said a government official, who didn’t want to be named. “Companies have been arguing that they will have to change their designs etc. for this, but where there is a will, there is a way.”
According to the brochure, “82% of the home users experienced at least one security threat during 2011”.
Since the measure isn’t mandatory as of now, compliance is patchy.
One multinational PC firm executive said the company had begun ensuring that the brochure is handed out with every machine by dealers after its shipment for a large state government order was “stopped” on these grounds.
He also pointed out that inserting a brochure into a box wasn’t likely to persuade users to suddenly become security-conscious since manuals and pamphlets are largely ignored.
“In the short term, it is not feasible, and just adds overheads to our costs which will be eventually passed on to the consumers,” said this person. “If the government wants to really make a difference, it should include education about cyber security in the school curriculum.”
Sumanta Mukherjee, principal consultant at CyberMedia Research, agreed that the move would mean an increase in costs in an industry where margins are low and competition is intense.
“A better idea would be to include such advisories with the operating system and the list of dos and don’ts could be updated with the regular updates which the system undergoes,” he said.
Mukherjee added that the government should explore tapping Internet service providers to improve security.
The companies’ reasoning for the apprehension about tax implications is because there are differences in levies for direct sale of products that are imported and products that are imported but have been altered and have some domestic value-add.
Another industry executive said: “The industry is worried because if tomorrow they say that you have to compulsorily insert a brochure, it is a logistical hassle for everyone. For that one brochure to be included, I don’t know how many changes in the supply chain have to be done. That’s a worry.”
The industry believes customer education should be a sustained effort, he said.
“We are saying that consumer affairs ministry should come into the picture, our retail outlets, websites etc can do campaigns, but the government wants all that to be done but doesn’t want to give up on the brochure.” The other recent measures that have made global vendors wary include the preferential market access policy that government recently notified and which has been criticized as being protectionist. This mandates central government procurement should be reserved to the tune of 30% for companies that can show domestic value addition of a designated proportion. The policy has been introduced to boost the local industry.
Besides this, the government also made it mandatory for manufacturers in 15 computer and electronics categories—for instance laptops, tablets and televisions—to get their devices certified for compliance with the Bureau of Indian Standards before 3 April.
Given the pace at which the designated certification labs work, the companies asked for a deadline extension, which has been granted.