National Netizen’s Rights Commission Required in India
Estimated Loss on account of Cyber Crimes
January 30: According to a Mcafee study, data theft and cyber crimes have cost globally around US $ 1 trillion (Rs 45,00,000 crores). The estimate is based on the survey done in US, UH, Germany, Japan and China and includes the estimated IP losses. Respondents estimated that they lost data worth a total of US$ 4.6 billion and spent around US $600 million in post incident cleaning up operations. News report
NDTV needs to Apologize
January 29: The recent incident where the NDTV Managing Director, Ms Barkha Dutt has reportedly taken offence to a comment made in a blog forcing the blogger to tender an apology reflects a sad state of affairs where one journalist is trying to curb another. The issue related to the TV coverage of the Mumbai blasts which the blogger called “Shoddy Journalism”. (See posting dated Nov 27, 2008) Subsequently, he is appeared to have been forced to tender an apology having been threatened of a defamation suit by Ms Barkha Dutt.
It is unfortunate that one journalist who should know more about journalistic ethics and freedom of expression decided to use the clout she wields on the blogger.
It is difficult to accept that the blogger’s remarks amounted to “Defamation” and perhaps the strong notice that some lawyer might have drafted on behalf of Ms Barkha must have made the blogger decide that it is not worth fighting against a big channel which also is considered Pro-Government and must have political clout too.This is a clear case of a blogger being intimidated for expressing his honest views.
I urge the Press Council of India to step in suo-motu and take action against this assault on the freedom of expression of a fellow Net Journalist. In the event Press Council thinks that the blogger is not a journalist and not registered with them and therefore not eligible to be protected, then it is time for bloggers to set up a “Blogger’s Association” and seek recognition as a “Collaborative media vehicle”. This collaborative entity should register itself as a “journal” and seek registration with the Press Council.
In the meantime, even without the responsibility to protect a blogger, Press Council should consider that it has a duty to prevent its own members acting unethically and should initiate a disciplinary proceedings against NDTV so that a counter apology from them is obtained. Views and counter views welcome.
Related Article: http://desicritics.org/2009/01/29/055451.php : A blog post : Some Media Responses: IT Examiner : CIOL Times
ITA 2000 Amendments ... Impact on IT Companies
January 27: The substantial amendments passed on December 22/23 by the Parliament has been watched keenly by IT and ITES companies. Many are happy since the resulting ITA 2000 -Version 2008 which we prefer to call ITA 2008 has tried to address the demand for "Data Protection". While the two sections, Sec 43A and 72A directly impact IT Companies dealing with data processing, some of the other sections also have a significant impact on IT companies and could be source of irritation as well.
In case appropriate safeguards and a monitoring mechanism is not immediately set up, there is a grave danger lurking ahead for IT companies and its executives who may become pawns in the hands of law enforcement officers who know where the law pinches and is able to tickle the sensitive spots in the IT industry....More
Beware of this Credit Card Fraud
January 26: A new type of Credit Card fraud has been reported and for the general information of the Netizens, the details are provided here. Details
Jan 23: A debate has been launched on whether it is proper for Government of India to charge a fee for downloading gazette notifications from its website http://egazzette.nic.in. After the issue was raised through this site and some e-groups, Naavi has received several views and opinions on the same. In order to expand the scope of this debate, a more detailed note on the issue is presented here and comments from public are welcome. Views received in other fora will also be consolidated here for general information. ..More
Online Child Protection Act Squashed in USA
The US Supeme Court upholding Free Speech considerations decided to squash the 1998 Child Online Protection Act. The act was an attempt to control commercial sites by requiring credit-card access and other devices to screen off minors. The courts concluded that financial filters would have the effect of walling all manner of speech, by imposing costs and screens that imperiled the rights of adults to lawful information. The Act had been framed after the Supreme Court had struck down the Communications Decency Act in 1997.
In 2004, the Supreme Court had said the Act could restrict access to free speech protected by the First Amendment to the U.S. Constitution. In a 5-4 decision, the Supreme Court had sent the case back to the 3rd U.S. Circuit Court of Appeals in Philadelphia to determine whether young people could be protected from online obscenity through software filters. Last year, the lower court decided that software was an equally effective, and less restrictive, way to prevent children from viewing sexually explicit material online. The federal government appealed that decision to the Supreme Court, arguing that half of American homes where children can access the Internet lack filtering software or other technology to block obscenity. The American Civil Liberties Union challenged the law and argued that filters are more effective than a U.S. ban, which cannot be applied to foreign Web sites. The law also failed to cover e-mail, newsgroups, and chat rooms, which are used to disseminate pornography. This week, the Supreme Court dismissed the appeal, in Mukasey v. ACLU, without comment. That prevents the Act from taking effect.
...... decisionDigital Signatures under ITA 2008-A Blunder Repeated
Jan 19: Information Technology Act 2000 (ITA 2000) had prescribed Digital Signatures based on Asymmetric Crypto system and Hash system as the only acceptable form of authentication of electronic documents recognized as equivalent to "Signatures" in paper form.
When ITA 2000 had been drafted, there was a major blunder in the drafting of Section 35 subsection (3) which made it mandatory for an applicant of a digital signature certificate to enclose a "Certification Practice Statement" along with his application. Naavi.org had pointed out this blunder immediately in the article "An Embarrassing Oversight? Or…?". It however took several years to correct this by a notification by an executive order dated September 12, 2002. Though there was a comprehensive amendment now, the subsections 35(3) and 35 (4) have not been officially corrected and the need for submission of Certification Practice Statement by a digital signature certificate applicant remains in the books.. indicating the gross negligence in the drafting of the Bill. Now this blunder has been accompanied by more avoidable confusions.... More
Post Satyam, Chartered Accountants focus on Fraud Detection
In a quick response to the Satyam incident where a massive fraud was facilitated by either the complicity of or gross negligence of PWC auditors, ICAI has taken steps to bring a higher focus on the development of "Fraud Detection Skills" amongst the Chartered Accountants. Accordingly, Institute of Chartered Accountants of India (ICAI), has introduced new study modules for CAs on ‘fraud and forensic accounting’. Report in BS
Another BPO Fraud Reported From Noida
Even while the new provisions of ITA 2000 regarding Data Protection related liabilities are awaiting notification, yet another fraud in the BPO segment has been reported from Noida. An employee since 2004, the accused, the team leader Edward Burns, manipulated the data available to him to get the client insurance company to pay an unwarranted total amount of 56,560 British pounds (Approximately Rs 41 lakhs) into the accounts of his three associates. These are three London residents, E Maurice, Chi Shigongli and Cheryl Rebiero. He used to manipulate this payment to be paid from the client's "dead'' insurance amounts. He had been carrying out these transactions since 2007. This is a typical Insurance fraud but in the context of the vicarious liabilities of the BPO under Section 85 of ITA 2000 read with Section 66, the BPO may be held liable to pay damages to the person to whom wrongful harm has been committed. It may be recalled that only a few days back another fraud by a Call Center employee of HSBC had been reported from Vishakapatnam where a loss of around Rs 47 lakhs had been stolen when the client had accidentally revealed the PIN to the employee during a conversation.
The incidents again highlights the need for "Appropriate Legal Compliance Initiatives by BPOs" to protect against being held liable for the employee frauds. Report in TOI Vishakapatnam Fraud
e-Gazettes in India
Information Technology Act 2000 enabled the Government to maintain and issue gazette notifications in India in e-form. Though the act became effective in 2000, it was only in May 2008 that the Government of India published the e-gazette. While one can appreciate the efforts even after the delay, it is unfortunate that the Government considers the information provided through gazette notifications as a salable commodity and wants to make profit out of it. While the publication in paper form had a substantial cost which the Government was subsidizing by charging for print copies, the e-copy generation and maintenance cost would be much lower. In this context it is essential that the Government makes the copies available free of charge. I suppose it is the right of a citizen to get copies of the rules of governance contained in the gazette notifications. I hope the Government of India will therefore consider making the gazette notifications free.
Powers of State Governments Redefined by ITA 2008
Jan 10: Section 90 of ITA 2000 (which has been continued in ITA 2008 also)
empowers State Government to make “Rules” for the purpose of implementing
the provisions of the Act. There is a specific mention of the section 6
which was in relation to e-Governance requirements such as filing of forms,
granting of licenses, receipt of money etc.
In ITA 2000, there were not many powers conferred on the State Government
other than the e-Governance provisions under Section 6 and to a limited
extent the powers given to Police as a State Controlled body under Sections
76,78 and 80. Under ITA 2008, the words “..without prejudice to the
generality of the foregoing power..” used in Section 90 (2) assumes a
greater meaning now since ITA 2008 envisages a lot more responsibilities
and powers to State Governments under the amended provisions. ..More
Cable Regulation Act to enforce strict censorship
As a sequel to the live telecast of Mumbai terrorist attacks, which was used by the terrorists to plan their actions, the Government of India has come up with a move to censor the operations of TV and Cable operations through an amendment to the Cable TV Regulations Act. Related Article. It is reported that the proposal will be kept on hold for the time being at the intervention of the PM.
Indo Pak Cyber Wars
Here is an interesting article on Cyber wars. Though the incident mentioned is old, the security situation might not have changed much. In the ITA 2008, responsibility is being assigned to what is referred to as the Indian Computer Emergency Response Team as the nodal agency for securing the critical information infrastructure. It is expected that the current division of DIT referred to as CERT-In may itself be formally designated as the Indian Computer Emergency Response Team. We have to wait and see what sort of security infrastructure would be created by the organization to protect the cyber assets such as BARC network etc.
Cyber Stalking
Cyber Stalking is an offence which until recently was not an offence recognized in India. IPC covered some aspects of harassment which involved sexual overtones only and hence the larger part of Cyber Stalking did not get covered under law. Now ITAA 2008 has provisions under Section 66A (c) has necessary provisions to make Cyber Stalking an offence with three year's imprisonment and fine. Here is a useful article on Cyber Stalking
Pakistani media train their guns on India through Satyam
It is not surprising that the Satyam scam will be used by India bashers to discredit India and its growing IT industry. It is therefore not surprising that Pakistan should try to use the issue to discredit Indian IT industry. The article in Lahore tech referred to here tries to link the earlier World bank related security breach incident to the possible political clout of Mr Raju and tries to conclude that Satyam was a partner in an espionage activity. This underscores the need for Indian industry to ensure that we all contribute in turning around Satyam incident from being a cause for depression and helpless ness into a building block for fortifying our country's image as an IT major. Just as the 26/11 Mumbai attacks have changed the psyche of our country on the issue of terrorism, this incident should make our IT industry stronger from the information security angle.
Copy of article at lahoretech: Related articles in naavi.org: Terrorist Intrusions to IT Companies? : Organizational Responsibilities for Fraud Prevention
Whither Earlier Amendments to IPC and IEA?
January 10: In the original ITA 2000, there were sections 91,92,93 and 94 which were linked to Schedules 1,2,3 and 4 and addressed the concurrent amendments made to IPC, Indian Evidence Act, Bankers Book Evidence Act and RBI Act. ..Now in the present amendments, Sections 91 to 94 have been omitted. ..This process has created a doubt about whether the omission of Sections 91 to 94 of ITA 2000 has the effect of repealing the amendments proposed by these sections and reverting the IPC and IEA to the pre-ITA 2000 status...More
Chartered Accountants call for action by ICAI on Satyam Auditors
Jan 10: The Satyam scam has left a deep scar on the credibility of the auditors who audited the financial statements of the Company. On 9th January, a seminar at Bangalore organized by the SIRC, saw a huge gathering of Chartered Accountants assemble to discuss the IFRS, the new accounting standards to be adopted in India in the coming years. The CFOs of Infosys and Wipro were the main speakers at the seminar. The gathering made many observations and suggestions to ICAI in the light of Satyam fraud which calls for immediate attention from ICAI. ...Details
Mumbai Police to initiate action to secure private WiFi connections
Jan 10: Mumbai police have announced that they would undertake an exercise to detect open WiFi connections by patrolling the streets with WiFi detectors. As a public education exercise the move is good. We hope that it would not be used to harass domestic users of Internet. On the otherhand, liability in cases of unsecured connections should be pinned on the ISPs who donot educate the users. Related Articles
Amendments to ITA 2000 Cyber Crime Friendly?
Mr Pavan Duggal one of the country's experts in Cyber Law has come down heavily on some of the provisions of ITA 2008 which make offences "Bailable". (We may note that they are also compoundable). He has also rightly opined that making Section 66 offence conditional to "having no permission from the owner of the system" would also weaken the law. Probably we may need to manage these contradictions under a proper interpretation of the term "Permission" under Section 43. Accordingly, when a person is given permission to "access" a computer system, it cannot be considered as a "Permission to diminish the value of information residing inside the computer". With this interpretation, it may be possible to apply Sec 66 in most cases. What however restricts its applicability is the condition that the action of the accused should be done "Dishonestly" and "Fraudulently" and the onus of proving the same is on the prosecution. Article in BS
Jan 07: Information Technology Amendment Act 2008 has made many significant changes in the prevailing laws of cyber space applicable in India, one of which is regarding Cyber Cafes. In the New Act (To be effective after notification) after amendments which we refer as ITA 2008 has however provided a specific definition for the term "Cyber Cafe" and also included them under the term "Intermediaries". Several aspects of the act therefore become applicable to Cyber Cafes and there is a need to take a fresh look at what Cyber Cafes are expected to do for Cyber Law Compliance... More
Punjab Police Steal a March in e-Governance
Jan 07: Punjab police are reported to have started registration of FIR online. This is one reform which Naavi.org has been advocating over a long time as a Citizen Friendly e-Governance service. Karnataka made a beginning with an online complaint filing system but it falls short of the Punjab initiative. We congratulate Punjab police on the move. Report in TOI
Auditing of Documents- Information Technology Act 2000 Amendment
Jan 07: The amended Information Technology Act (ITA 2008) has brought a significant change in the E-Governance related provisions in the Act. In ITA 2000, enablement of e-Governance had been provided through sections 6, 7 and 8. In ITAA 2006, a new section Section 6A had been proposed. Now on the recommendations of the Standing committee, section 7A has also been added.
In some cases of e-Governance, it may not be possible to comply with this provision fully in respect of legacy documents. There would be a need therefore for giving a prospective effect to this provision.
This is an interesting opportunity for the IT industry which needs to come out with necessary solutions. Naavi would be keen to work with an IT Company for the development of this CyLawCom product and invite proposals from interested parties. ...More
A
![[Valid RSS]](http://www.naavi.org/image/valid-rss.png "Validate my RSS feed"){kind=small}