|
Nasscom's Employee List
In a bid to reduce the employee related risks in the ITES/BPO sector, Nasscom has recently launched the "National Skills Registry for IT Professionals".(NSR). The registry is launched in association with the National Securities Depository Limited (NSDL) and is expected to keep a list of employees, their professional and educational background. It has been stated that entry in the register would be mandatory for being hired in the IT sector. It is also stated that the information would be under the control of the employee and would be viewable only with his consent. Though the intention behind creation of the registry is well appreciated, one needs to wait and see how the system is likely to develop..... Nasscom's Press Release
Fraud at Slash support Chennai
In yet another fraud by employees of a BPO, over Rs 41 lakhs were siphoned off by a few employees of Slash Support in the form of claims of refunds for dissatisfied service. In a typical fraud involving falsification of electronic records, employees are said to have created over 3047 dummy refunds over a period of time. The fraud again reflects the lack of adequate security policies at Indian BPOs for fraud prevention and also highlights the inadequacies in the processes. If this could be the situation in a relatively better equipped company like Slash support, one wonders about the risk levels in other BPOs. ..Report in ET
BPO Employees Booked for Hacking
Imran Saeed (25) and Frank Remedios (26) two employees of IntelNet Global Service, a business process outsourcing (BPO) firm im Goregaon, Mumbai were arrested for tampering with the credit card profiles of American citizens. They have been charged for hacking, forging, cheating and conspiracy. .Details at TOI
New IT Security Standard Launched
A new International Security Standard ISO 27001, titled "Information Security Management - Specification With Guidance for Use", has been launched in replacement of BS7799-2. It is intended to provide the foundation for third party audit, and is 'harmonized' with other management standards, such as ISO 9001 and ISO 14001.The final version of ISO 27001 was published in October 2005 and is only the first of a series of standards to support information security. It is however the most important, from a 'top down' perspective, as it defines the information security management system...More
A New Fraud Mail
A new fraud mail of the Nigerian 419 type has hit the Indian market. The mail ostensibly comes from a lady with the following kind of message...Details
Legality of Google Cache Upheld
In a judgment of significance on the Copyright issue, the Nevada District Court in USA has upheld the validity of the Google Cache. The practice of maintaining a copy of the web page for indexing purpose and making it available to public through search engine search results has both been upheld as "Fair Use" and not in violation of DMCA. One of the arguments that the judgement has upheld is that non Use of meta tags to prevent archiving can be considered as an "implied consent". This has at last put some onus on the website owners who believed in placing the content in public and trapping them into infringement suits.
The judgment may also have impact on other issues such as "Deep Linking", "Framing",song downloads etc where also one can observe the practice of a reluctance on the part of the content owner to put restrictions on the user and there after claiming infringement damages.
Whistle blowing System for Private and Foreign Banks
RBI has introduced a system for "Whistle blowing" in foreign and private banks in India. According to the "Protected Disclosure Scheme" any instance of corruption, "Misuse of Office", "Fraud" or "Failure to Comply with RBI rules" can be intimated to a designated officer in RBI in a closed cover. No anonymous or Pseudonymous complaints are accepted. The sealed envelop should be addressed to The Chief General manager, Department of Banking Supervision and Fraud Monitoring Cell, II Floor, World Trade Center, Cuffe Parade, Mumbai 400005. RBI undertakes to protect the identity of the complainant
It may be noted that Cyber Law College has already been recommending such a procedure at the Bank's level in its "Cyber Ethics Training Programme for BPOs" as a part of its norms for certification of "Ethical BPO Professionals".. Details
"Tresspass" to Chattels Recognized in Spyware Case
In a reversal of an earlier court ruling and clarification of confusions surrounding similar instances, a A Californian Court delivering its judgment on a "Spy ware" case (Kerrins Vs Intermix Media Inc) has inter-alia recognized the concept of "Tresspass" in "Information Space". Further developments are expected to reveal more of the Court's mind in this regard....Details
Hong Kong ISPs ordered to Provide Information on users
ISPs have often been protecting law offenders under their obligation for Privacy Protection by refusing legitimate requests of the law enforcement authorities for information in respect of any offenders. In one criminal case from Chennai, a Hong Kong ISP had refused to divulge information about an e-mail holder who was sending defamatory e-mails to one of the employees of an MNC. Even after a request from Chennai Police the ISP refused information and since the request had to be routed through CBI and Interpol, the victim failed to get justice.
Now it is reported that the Hong Kong High court has ordered for information about users be given by ISPs in Hong Kong. This could be considered a land mark judgment in its own right since in future ISPs will find it difficult to shield offenders... Report from Yahoo News
Fight Against "Badware" launched
In order to reduce spyware or adware a movement has been launched to identify such "badware" and keep the netizens informed. The website www.stopbadware.org is addressing this issue. Naavi.org wishes the programme all success. A link to this site has been placed in the left menu frame.
Dilemma for Cyber Cafes in Tamil Nadu
The Cyber Cafe regulations announced by TN Police under the TNCP Act, has put Cyber Cafe owners in Chennai in a dilemma. Should they continue in business? ..or Not?. It is clear from the notification which has drawn inspiration from the Mumbai and Karnataka Regulations that the conditions indicated are impractical and can not be fulfilled by any of the Cyber Cafe owners in the normal course. Many of the conditions are unclear and ambiguous and will place the cyber cafe owners under doubt as to what is right and what is wrong.
Under the circumstances, it is advisable for Cyber Cafe owners to review their functioning before deciding to continue to be in business. ..More
Google Refuses to Cooperate
Google has refused to cooperate with the regulators who would like to revive law for protecting children from online Pornography. The controversy is regarding the "Children Online Protection Act" which is stuck in a court battle with the challenge from ACLU (American Civil Liberties Union). The Justice Department is trying to defend a law while Court challenges have prevented it from being enforced. The government wants to know from Google and other search engines how much harmful information is actually out there, and how likely people are to come across it. Google defends its stand on the basis of "Privacy"...Detailed Report from news8austin
Pakistan Finalizes Draft of E-Crimes Act
Pakistan has finalized the draft of Electronic Crimes Act with a fairly wide coverage of Cyber Crimes. While the proposed amendments to ITA-2000 failed to address the issues of Spam and Cyber Terrorism in India, it is interesting to note that Pakistan has clearly defined punishments for Spam, Cyber Terrorism, Cyber Stalking, Spoofing, Electronic Forgery as well as Cyber War. Though Pakistan was a late entrant to Cyber Laws, it is clear that it has stolen march over India thanks to the way legislation has been handled by MCIT..
Gurgaon BPO Case.. No Leakage of Personal Data
The Information Commissioner, the U.K.'s data protection agency, which investigated into the Sun Report on the Gurugaon BPO case where personal data of some British Banking clients were alleged to have been sold for a price, has confirmed that there was no evidence that any personal information was compromised...Details
It may be recalled that following the Sun Expose, a person was arrested, Indian BPO was maligned and the Prime Minister Mr Man Mohan Singh made a statement that Indian Cyber Laws needs to be amended to provide data protection. The Ministry then swung into action and through the Expert Committee drafted some amendments to the ITA-2000.
Even during that time, Naavi.org had maintained that the Expose/Sting operation lacked credibility, there is no need for panic and that Indian Data Protection regulation was strong enough under ITA-2000. Perhaps this stand has been vindicated by the findings of the UK Information Commissioner.
Digital Copyright Trend...More consumer Friendly?
The need for laws to consider consumer interests and larger public view was reflected in the digital copyright legislations of France and Korea which are in the process of legislation.
The Seoul Central District Prosecutors' Office has stated that it has set the guidelines for accusing those who violate copyright laws via the Internet. Under the guidelines, Internet users who are sued for illegally circulating and swapping music files for commercial purposes will be subject to criminal charges. However, individuals who download for personal entertainment music files that are permitted for personal purposes under the copyright law, will not be charged. (Details)
On the other hand, the French government is reworking a digital copyright protection bill to lighten restrictions on CD- and DVD-copying and mete out smaller penalties to small-time downloaders. The culture ministry issued a statement Saturday saying the bill was being amended on the orders of Prime Minister Dominique de Villepin to notably enshrine the right of consumers to make private copies of music and film disks. (Details)
These developments are to be taken note of by India which is in the process of drafting the "Optical Disk Protection Act".
Warranties on Website Cost Dearly..Lawyers set to make a Bonanza!
A class action brought against Netflix for violating promises made on the website has resulted in a settlement that costs the Company more than US $ 2.5 million. Details Also see here
The customers of the Company have however opposed the settlement on the ground that it has not helped the customers but only enriched the lawyers. According to the proposed settlement, the members of the service are getting a paltry benefit in terms of free service upgrade for one month. (Instead of being eligible to rent 3 DVDs per month they will be eligible to receive 4 DVDs per month for one month). On the other hand the attorney's are getting a payment of US $ 2.528 million towards their fees. The fairness of the settlement has been challenged by a group of Netflix members (See details here).
While the settlement is a reiteration of the responsibilities of the website owners for the statements made for promotion of the service, the huge payment intended to be made to the attorneys indicate how US law favours profiteering by the legal community bringing the profession into disrepute. A Class Action is essentially in public interest and charging of a huge attorney fee unrelated to the benefits sought by the consumers appears to be a misapplication of the principles of natural justice. ..(Comments Welcome)
Related site: comments at overlawyered.com :Comments from FTC
Five million Brits duped by scams
Five million UK adults have fallen victim to a series of moneymaking frauds, such as premium-rate prize scams, work-from-home schemes and Nigerian 419 email scams, according to research published by consumer watchdog Which?.A further 23 million people have been targeted by the scams. Details
Software Patentabilty Criticized
A U.K. judge has questioned whether software patents should be granted, and has criticized the U.S. for allowing "anything under the sun" to be patented. .Details at news.com
Indo-US Cooperation in Cyber Crimes
According to a news release from Press Information Bureau, the Confederation of Indian Industry (CII) and its US counterpart decided to set up an India Information Sharing and Analysis Centre (ISAC) and an India Anti-Bot Alliance to raise awareness about emerging threats to cyberspace at the third plenary of the India-US cyber security forum that was held in Delhi. Details
Standards for data protection higher in e-world
Whenever we are in doubt about a Cyber Law, there is a tendency to extend the laws from the meta space. In what could bring a rethinking on this aspect of Cyber Jurisprudence, The Information Commissioner's Office, UK responsible for Data protection Act issued a Good Practice Note indicated that certain provisions of "Data Protection Act" applies to e-mails and not corresponding communication on e-mails. The logic is "An ability of staff readily to identify and locate whole files, even those organised chronologically and/or by reference to his and others' names, is not enough," (as compared to e-mails)...Details at out-law.com
Consumer Rights Asserted Against DRM
In UK, The National Consumer Council is calling for laws to protect consumers' rights to use digital content claiming that ".. the use of DRM can and is already constraining the legitimate consumer use of digital content. It is also undermining consumers existing rights under consumer protection and data protection laws." ..Details at macworld
A Twist in the Yahoo-Nazi Memorabilia Case
The celebrated case of Yahoo Vs French Government which has been often cited for "Jurisdiction" and "Freedom of Speech" issues, an appeal court in San Fransisco has avoided assertion of its Jurisdiction in the case. The 11-judge panel in a mixed decision said that because Yahoo had voluntarily complied "in large measure" with the French court's orders and barred the sale of Nazi memorabilia from its site in France, Yahoo's free speech petition has become a moot issue. It indicated "criminal statutes of most nations do not comport with the US Constitution. That does not give judges in this country the unfettered authority to pass critical judgment on their validity," even in cases deemed to involve "morally reprehensible speech of the worst order."..Details in itnews.com
The State of Data Security in US !
Barely 5 weeks since the new data protection measure was introduced in New York State requiring notification of data breaches, 200,541 residents have received notices that their private data (such as Bank account number, elephone number, income, medical records etc) have been accidentally leaked. London Tabloids who created a hue and cry that data is on sale at Indian BPOs for a pittance need to take a look at the US market.!...Detailed story at newsday.com
SBI...and TCS.. owe an explanation
It may be noted that the Bank had introduced a new software system some times back which is a Core Banking system managed from Mumbai. The system is said to have been bought from an Australian Firm and customized by TCS. ...Since the amount involved is very huge, it is beyond the scope of TCS to meet this liability if it has to indemnify the Bank. It may even be beyond the scope of SBI to meet the provisions connected with the bad debts arising out of this problem...More
SBI Reports Correction of software bug
SBI.. Solid Foundation is Melting
During an examination of a casual complaint from one of the customers of State Bank of India in a branch in Bangalore, it came to my notice that there were several unexplained anomalies in the accounting of fixed deposit accounts in the branch. The problem was inherent in the computerised system and I presume it would be manifest in several other Branches of the Bank... More
Indian Music Industry (IMI) objects to Ring Tone Downloads
According to this report from Business Standard, IMI has threatened to take “appropriate civil and criminal action” against over 600 websites and 30 Indian Internet service providers (ISPs) — including the Internet Service Providers Association of India (ISPAI) — for “not preventing” the unauthorised downloading of online music. The IMI has over 80 music companies as its members...Detailed Report
Is ICICI Bank Offering a Secure Online Banking Experience?
On 26th December 2005, Hindu had carried an article titled "For a secure growth of Internet banking and e-commerce" where in a mention had been made about the current Banking practices in India. The article drew a protest from ICICI Bank which took objection to use of some graphics and claiming that its systems are very secure.
In this connection it is necessary to point out that the systems used by ICICI as well as otehr Banks in India lack certain security features which place the industry at a great risk....Details
State Bank of India in a Huge Mess?
State Bank of India is the single largest Bank on a global scale with the largest number of branches and customer network. However, the recent computerization drive in the Bank seems to have landed the Bank in such a huge mess which gives enough room to think if the Giant is on its way to a great fall. Since even a Cooperative Bank failure is a cause of concern to the community, even the thought of SBI failure is a thought that chills one's spine. Unless some drastic measures are taken it appears that SBI could very well cause India's next economic disaster. Sine TCS, one of India's largest software firm would be significantly responsible for such a debacle when it happens, the effect would be felt on the Indian IT industry as well as the stock markets.
As an experienced Banker myself, these comments are being made with extreme caution backed by specific observations in one of the branches of SBI. I hope that the observations and comments made here will be taken notice of by SBI, RBI and TCS and quick remedial steps are taken up so that damage can be contained...Details to follow..Naavi (January 10, 2006)
IPV6 Recommendations issued by TRAI
TRAI has today (9th Jan 2006) issued its recommendations on transition from IPV4 to IPV6. Accordingly, IP addresses in 128 bit format need to be made available by ISPs and compatibility to IPV 6 needs to be built in all applications using IP address inputs. The draft recommendations have been released for comments from stake holders. In particular, e-Governance applications are sought to be developed with IPV6 compatibility with immediate effect. TRAI has also suggested that Government should organize workshops and seminars to discuss the benefits of IPV6 migration to end users. Detailed Recommendations : Copy of Press release
No Data Security in USA
In what can be described as a reflection of the data security situation in USA, it is reported that theft of Social Security numbers and Credit card data is a growing menace in the country. It is stated that 130 security breaches were reported in 2005 exposing more than 55 million Americans to potential data theft risk. According to An adviser for the Treasury Department's Office Cyber Crime proceeds in 2004 in USA was an estimated US $ 105 billion (Rs 500,000 crores) were higher than the illegal drug sales. Details in USAtoday
France makes First Move
France has made the first pro-consumer move in the copyright fight on the Internet by passing a law to legitimize download of copyrighted material from the Internet for personal use. This is a trend setting move which should be considered for the drafting of the "Optical Disk Protection Act" in India. This should be viewed in the context of unreasonable litigation that certain copyright holders are initiating at common people..Details at news.com. Also see: Mom Fights RIAA Suit Solo
Sony Agrees to Pay Compensation
Sony has agreed to compensate buyers of CDs that contained the XCP and MediaMax DRM programs and to provide software utilities to allow consumers to uninstall both types of software from their computer. It may be recalled that the Digital Rights Management system used by Sony was allegedly a "Computer Contaminant" which could breach privacy of the users by extracting and forwarding some information about the users without their consent. Perhaps a similar action in India under ITA-2000 was/is also feasible. ..Details in news.com
Year 2005, An Year of Turbulence
The year 2005 was an year of turbulence in the Indian Cyber Law scenario. It marked the year in which the Ministry of Communications and Technology (MCIT) distanced itself from the public and sought to impose major amendments to ITA-2000 which could reduce the protection available to Information Asset owners and general public in India while trying to provide protection to Portal owners and intermediaries for any liabilities arising out of any cyber crimes. For the sake of archiving the major developments, let us take a quick glance at the developments during the year....Details
|
720 pages of Comprehensive Coverage on Cyber Laws Naavi's "Cyber Laws in India..ITA-2000 and Beyond", first E-Book on Cyber Laws to be published in India consisting of 720 pages of comprehensive coverage on Cyber Laws and relevant issues, available for online purchase at RS 300/- in download form and at RS 400/- on CD. For more information click here. |
If you would like to know more about Naavi, the information is available here.
For Any Payments to be made to Naavi online : Naavi_s Payment Center
![[Valid RSS]](http://www.naavi.org/image/valid-rss.png "Validate my RSS feed"){kind=small}