This article is written by Sankara Narayanan, pursuing a Diploma in US Technology Law and Paralegal Studies: Structuring, Contracts, Compliance, Disputes and Policy Advocacy, from LawSikho. This article has been edited by Aditi Deshmukh and Dipshi Swara.
The term ‘gig’ normally used in the field of music now refers to a job undertaken for a short period. The labor market comprises freelancers and users engaged in contract work for a specified short time and paid through digital platforms refers to the gig economy. Specified work or service when carried out by a person for another person or company not permanently is freelance work. Digital platforms made it easier to perform work from remote locations. An individual can perform the work from an independent location and contribute towards achieving the goal of the company. Individuals, as well as organizations, found freelancing work more convenient and cost-effective, that it encouraged gig services and culminated into the gig economy.
Gig economy involves the exchange of labor by freelancers for money to individuals or companies through digital platforms, facilitating as a medium of the interface between providers and customers, in a short-term period for payment to complete a particular task. It would be interesting for the freelancers to know the gig economy contributing to the growth of cybercrimes as digital platforms such as Upwork are used by many freelancers. The exponential growth in the gig economy, availability of a large number of freelancers, flaws in the cybersecurity system and lack of legal framework made the gig economy becoming a new battleground for cybersecurity.
The conventional method of maintaining human resources permanently in the current socio-economic situation causes many problems for employers as well as employees. As the market is getting competitive, companies need to streamline the resources to minimize operating costs and achieve economic benefits to have a competitive advantage in the marketplace. Human resources in developed economies are not only expensive but also difficult to source the right resource permanently. Most of the work can be efficiently carried out by competing for freelance workers operating from remote locations. It is found to be cheaper to outsource work through freelancers.
Pointers on Freelancing:
- Freelancing is not a new concept, it has been prevalent in many countries and sectors such as writers, artists and others where direct personal presence is not required were operating remotely.
- Freelancing has expanded at a rapid rate due to various factors such as technological innovation, availability of trained human talent in various fields, globalization, growth in the IT sector, etc.
- A freelancer undertakes a particular job and provides his/her services to another person or company at a pre-agreed rate for such services, without any permanent employment contract or other commitments to the other person or company.
- Freelancing is doing the job or services by the freelancer. The freelancer who is not on the payroll of the company normally works on his own to complete the task entrusted to him by the company at a rate and conditions that have been agreed by the freelancer and the company. When the work is carried out through digital platforms, such activities contribute to the gig economy.
The main advantage of freelancing is the availability of human talent at a competitive rate. Freelancers are available for almost all kinds of tasks. The number of professional freelancers is increasing and platforms that connect freelancers with the end-users are also increasing. The communication connectivity and speed of transferring data have tremendously improved. More and more companies engage freelancers for fulfilling their work thereby cutting down on human resources costs, as maintaining a permanent workforce becomes burdensome. When the individual economies of countries have transformed into the global economy, the number of businesses and enterprises has expanded at a global scale. Even before the Covid 19 pandemic, companies were outsourcing many business process operations locally and at a cheaper rate from developing countries. The cost of the business process became so expensive in the developing world especially the US, the world’s largest economy. US companies were utilizing the Indian talent pool for manning their call centers, back-end business process, and other IT-related works. The availability of talented IT professionals and another workforce with excellent communication knowledge encouraged developed economies to find cheaper solutions from other global sources. This also led to most of the work being outsourced to freelancers and growth in the gig economy.
The gig economy
The gig economy relies on Information Technology (IT) networks and digital platforms. Cyberspace is the medium for the modern type of business. Data processing has become very easy, and the churned data has become resourceful and valuable. Cybercriminals found that stealing such data by breaching cybersecurity is very lucrative. This resulted in manifolds of cybersecurity threats. Companies are aware of the external threat and take appropriate measures to secure the data through various layers of protective measures.
But most cybersecurity issues and data breaches are caused by internal threats mostly carried out by employees within the company. Unlike a permanent employee of a company, freelancers and remote contract workers can misuse the data. The freelancers can access sensitive information of companies and it is often difficult to hold them accountable like that of a permanent employee. Many of them use their computer and use an open wi-fi system to transfer and retrieve data. While the data is transferred through unsecured wi-fi connection and internet or other networks, they are vulnerable to cyber-attack and hacking. Such cyber-attacks pose great risks and threats to data security that lead to cybercrimes. The customers can choose the services and make payments to freelancers through the associated digital platforms creating a separate economic system called the gig economy.
The gig economy represents a free market system in which organizations and independent workers engage in short-term work arrangements. As the gig economy is growing at a faster rate, the use of digital platforms and IT infrastructure requirements are also increasing.
Information technology and gig economy growth
When many freelancers and customers are to be connected, digital platforms become an easy channel to facilitate the activities. Many digital platforms enabled freelancers and customers on a model of the hub and spoke systems, such as tourism, travel, hospitality like Uber and Airbnb through IT networks and digital platforms. Even small businesses cannot survive now without IT-enabled services be it that for e-commerce, payment gateways, or data processing.
Almost all business and financial transactions are taking place through IT-enabled services. Most of such work is entrusted to freelancers and the means of connecting them with the companies or other individuals who require the freelancer’s services are through IT networks. As the gig economy is growing at a faster rate, IT infrastructure is in great demand, whether it is cloud services, servers, storage, cyber security, or system integration. With the advent of advanced cyber security measures in networks, companies rely on IT services to have better economic advantages. Most of such services are outsourced to expert companies. This expansion has contributed to enormous investments in the IT services industry. As the industry is growing, the manpower required to design, develop, implement, and maintain the system has also increased. Growth in the gig economy increased cybersecurity threats.
Cyber security threats
Initially, companies utilized their intra IT networks or local area network (LAN) which were highly secure and less susceptible to external threats. But when the concept of a global village evolved where everyone is connected, individuals and companies are forced to use open sources for IT services to have wider coverage or a wide area network (WAN). With the speed of connectivity tremendously increased, most business functions are carried out online. Data collection, processing, coding, and storing became very easy and made data a valuable commodity. Companies started to gather and manipulate data for their economic advantage and the processed ‘big data’ became highly valuable. This attracted both external and internal cybercriminals to gain control or access such data. Most businesses are carried out in cyberspace, malevolent actors with malicious intent, steal data or money of others, disrupt and damage data, access classified information, impersonate others, damage the networks, and hack the system.
Cybersecurity is breached when the sensitive information of the company is accessed by an unauthorized person. As freelance workers are attracted to many online businesses, when the number of players increased, cyber security threats also increased. Cyberspace became very popular as both freelancers and companies benefited, thereby the gig economy started to grow at a faster pace. Cybersecurity threats can be internal or external or due to technical failures of the IT system. Data stealing, data privacy invasion, cyberbullying, blackmailing, and defamation are various crimes related to cybersecurity.
Cyber security cases are increasing at an alarming rate all over the world and the Indian government reported over 1 million cases in 2020 which is three times more than that reported in the previous year. Growth in the gig economy is becoming the battleground for cybersecurity.
Battleground for cybersecurity
The medium of the gig economy is mostly carried out through IT-enabled cyber communication channels. Cybersecurity threats can be due to internal, external, or technical failures. The internal threats can be intentional or unintentional. The employee of the company who has access to the sensitive data which he uses for his benefit or to make economic advantage intentionally acquires the data and misuses it. An innocent employee who may leave the system unprotected or make a mistake in the operation whereby the data is transferred to a third party without any malicious intent, still poses the threat of cybersecurity.
External threats are; the work of hackers and cybercriminals who for economic or political reasons breach the data or digital platforms. Another type of cybersecurity threat may be caused due to failure or fault in the IT system by which the system may erroneously transfer data or money to a third party. Teenagers and children also indulge in cybercrimes, and they must be brought under proper legislation. The freelancers are based in different jurisdictions and often the territorial limitations help the cybercriminals to escape justice.
Cybersecurity legislation in India
Cybersecurity is a major problem for individual countries and is also an international crime as it can cause damage to the national economy.
Cyber Security crimes in India are dealt with under The Information Technology Act, 2000 (IT Act) and the Information Technology (Amendment) Act, 2008. Section 43 refers to damaging a computer without the permission of the owner of the computer. Section 66 deals with fraudulent or dishonest acts that are referred to in Section 43. But the maximum penalty is a fine of up to Rs 5 Lakh and or 3 years imprisonment.
Indian Constitution while providing fundamental rights in Article 19 (1) (a) provides freedom of speech and expression but comes with certain exceptions as freedom of expression cannot harm another’s reputation, making defamation a crime.
The Indian Penal Code, 1860 was amended to include offences committed via electronic forms and mediums.. Section 469, 470, 499, 500, 503, and 504 provides for forging, harming reputation, defamation, intimidation through an electronic medium, and punishment.
The Companies Act, 2013 was also amended from time to time and the Serious Frauds Investigation Office (SFIO) has been entrusted with the power to control fraud by corporations in technology and legal compliance. Companies Inspection Investment and Inquiry Rules, 2014 has given more powers to SFIO.
One of the first cybercrime cases was CBI v. Arif Azim. Arif who was 24 years old at that time had ordered a TV from Sony India Pvt. Ltd. fraudulently using the credit card of an American national. The court found him guilty under Section 418, 419, and 420 of the Indian Penal Code and Section 66 of the IT Act.
Another infamous case was that of Pune Citibank-Mphasis fraud case, where the Mphasis Ltd. call centre employees stole data of many US customers and amassed benefits of Rs. 1.5 Crores. The accomplices were found guilty under Sections 66 and 43 of the IT Act and were ordered to pay compensation to the victims.
These cases give an overview as to why it is important to have effective regulatory frameworks in place for curbing cyber crimes. Now that we are depending on the internet to do our work, engage in confidential information or documents sharing, and various payment transactions, it is incumbent that we have comprehensive legislations governing all these aspects.
Cybersecurity in other jurisdictions
The US has formulated a cybersecurity framework for combating cybercrimes. National Institute of Standards and Technology (NIST) has been entrusted to provide the framework for cybersecurity in setting up standards, manage, interpret, mitigating measures for data loss and other cyber risks.
EU Cybersecurity Act, Regulation (EU) 2019/881 of the European Parliament and the Council has enacted the regulations to deal with the cybercrimes.
Despite the strict regulations in the USA and the EU on cybersecurity, the cybercrimes related to gig platforms are increasing. Cyber attackers wreak havoc in India too. India has reported a higher number of cybercrimes year to year. The Personal Data Protection Bill, to protect data breaches is still pending with Lok Sabha and once it is enacted at least the number of cases can be brought down to a considerable level.
The gig economy has gained greater importance in business due to the availability of expert freelancers who are ready to take up almost all jobs and technological innovations especially in the IT field, made the gig economy grow at exponential growth. This growth paved the way for a vast increase in cybersecurity threats and became a global battleground of cybercrimes. Individuals and organized crime syndicates are vying for the opportunity of any slack in the legal framework and lapse in cybersecurity to indulge in cybercrimes which have also grown in tandem with the gig economy. The current legislation and cybersecurity measures seem to be inadequate in dealing with the cybersecurity issues related to the gig economy. Freelancers can be based in different jurisdictions and the local legislation shall not be effective to bring them before the law. A comprehensive legal framework with international cooperation, continuous cybersecurity monitoring, and control is required to contain the gig economy-related cyber crimes as they will not only affect individual countries but also the world economy.
Students of Lawsikho courses regularly produce writing assignments and work on practical exercises as a part of their coursework and develop themselves in real-life practical skill.
LawSikho has created a telegram group for exchanging legal knowledge, referrals and various opportunities. You can click on this link and join: