Bombay High Court Ousts Arbitration

January 29: In a landmark judgment passed by a Full Bench of the Bombay High Court, the Court has laid down the law regarding operation of an arbitration clause in agreements giving a license to use property executed in Greater Mumbai.  Resolving disputes through alternate dispute mechanisms, such as arbitration, are preferred options over litigation in India. Although arbitration agreements are held to be binding over the parties to such agreements, they are held to be void when a statute gives exclusive jurisdiction to a particular forum to try certain disputes. The full implication of the above judgment on the process of Arbitration is still to be explored by experts.

Naavi in the Mobile World

January 28: Recognizing the growing importance of the Mobile Space, Naavi has entered the mobile world with the hosting of mobile based content at www.cyberlaw.param.mobi and www.naavi.param.mobi . These sites will contain some brief information of content in naavi.org and cyberlaws4cxo.com.

China Accuses US of Cyber War tactics in Iran

January 26: China which is under attack for its own Cyber War tactics, has now accused US of using Internet to spread unrest in Iran by exploiting Twitter and You Tube. China which has already blocked You Tube, Face Book and Twitter is now challenged by  Google which has accused the Chinese Government of hacking and withdrawn its Search Engine services from China. Detailed Article

Motorola Seeks Ban of Black Berry

January 26: Motorola has sought ban on Balck Berry devices accusing of patent infringement. It is stated that most of the products of the Canadian Company Research in Motion (RIM) which is behind the Black Berry Products, infringe on at least one of the patents, which cover technology for Wi-Fi, application management, user interface and power management.  Detailed article

Monstrous Fine in Copyright Case reduced

January 26: The penalty of US $ 1.92 which had been imposed on Jammie Thomas, for downloading and sharing songs on the torrent network was reduced by a federal judge to US$ 54000. (US $ 2250 per song).  The earlier fine at US $ 80000 per song had raised questions on the fairness of the copyright law enforcement in US. "Whether it's $2 million or $54,000, I'm a mom with four kids and one income and we're not exactly rolling in that kind of dough right now",.. says Ms Thomas who is contemplating request for a further reduction. In the meantime, the decision to accept or go for retrial lies with RIAA who has been given a time of one week to respond. ..Detailed article

HIPAA Deadline Approaching

January 25: After the HITECH Act became a law on February 17, 2009, Business Associates in US were brought directly into the HIPAA regulations. It also introduced "Breach Notification" obligations for the BAs and also exposed them to the penal provisions of the law. While the penal provisions became effective immediately,  Breach notification became effective from  September 23, 2009. However HHS enforcement deadline for imposing sanctions was fixed at February 22, 2010 so that the BAs had some time for implementing the necessary controls. In the meantime the FTC also released its own enforcement deadline for breach notification for  vendors and internet services and vendors of  PHI. This will also be effective from February 22, 2010. In the meantime, the security rule under HITECH Act will become effective from February 17, 2010. This is the first time that statutory regulatory requirements are being directly imposed on the BAs. So far they were exposed to HIPAA risks under the indemnity agreement signed with the covered entities.

HIPAA and HITECH is relevant for Indian companies who are business associates of the US covered entities and US business associates of covered entities. Though the Indain counterparts are not directly under the provisions of HITECH Act, they will be required to meet similar obligations under the SLAs. Most US companies are already revising the BA agreements and imposing obligations on the Indian companies processing their PHI to confirm compliance of HIPAA-HITECH before February 17, 2010. This month will therefore be a hectic month for Indian HIPAA exposed entities.   Reference article

Bribes Extracted in the names of HCL executives

January 25: In a home grown version of a job fraud, an Indian family is accused of having cheated a professor of computer science intending to return to India from South Korea has been cheated to the extent of Rs 2.5 lakhs. In the process the accused offered a job in HCL Noida posing himself as a DGM and posing his wife as the AVP who conducted a telephonic interview and his father in law  as the Chiarman who wanted a share of the bribe. The case has been filed in Bangalore and investigation is in progress.   report in mid-day

Income Tax Refund Fraud in Mumbai

Jan23: It has been noticed that hackers have siphoned off a large amount from Income Tax department through bogus refund order payments. The amount has been credited to various Bank accounts through an ECS process. .. Report

News Letter Launched

January 22: In continuation of the efforts of Naavi.org to create better awareness of Cyber Law issues in the community, Naavi has launched a news letter titled Cyber Laws for CxOs. The news letter would start as a monthly news letter and distributed through a mailing list created through www.cyberlaws4cxo.com. Free subscription request is now received through the website.

The news letter would be distributed in PDF form with a html copy being hosted on the website. The inaugural issue was launched on January 22nd 2010. Subsequent issues are expected to be released during the third week of each month.

The inaugural issue is built on the theme of "Intermediaries and their role under ITA 2008". It consists of two interviews with CEOs of IS audit companies, an article on compliance requirements for Intermediaries under ITA 2008. There are also some news snippets. A Question and Answer session is expected to be added in future. The focus of the news letter would remain the Business Executives and the need for understanding Cyber Laws in the industry scenario. Naavi.org on the other hand is focussed on the impact of Cyber Laws on general public. We hope that the news letter would add a new dimension to the educational activities of Naavi.

Suggestions are invited from readers on how to make the issue more relevant. If relevant contributions are received from the readers, they may be accepted for publication in the news letter. All suggestions regarding the news letter can be sent to naavi@in.com

Chinese Company wants to expand facilities in Bangalore

January 22: In the midst of the debate on China Cyber Risk for Indian National Security, Chinese telecommunication giant, Huawei, has pledged to expand its operations in Bangalore, the ‘Silicon valley’ of India. In the next five years, Huawei plans to invest $500 million in its research and development center and double its employee strength from 2,000 to 6,000 personnel (China Economic Review, January 11, 2010). This Chinese company is said to be owned by Ren Zhengfei, a former PLA officer who is alleged to have close links with the Chinese Communist Party (CCP). Recently BSNL was advised to withdraw an order to this company for security considerations. It is also stated that the DOT has issued an advisory to mobile companies to exercise caution in installing Chinese telecom equipment in sensitive regions.

It is therefore necessary for the Karnataka Government which is in the process of attracting Chinese investment and technology in some infrastructure projects to exercise discretion and avoid Chinese involvement in any telecommunication projects. .. Related Article : Copy of China Brief

China Cyber War Intentions

January 22: Naavi.org has been highlighting the China Cyber Risk and need to develop Indian Cyber Security Strategies to cover these risks. Now many experts in US are also voicing similar concerns in the light of the Google incident. Mr Wortzel, a former US Army attache in Beijing has reportedly said " Companies that locate their research and development in China and employ Chinese citizens to work on their software have probably made Chinese intelligence and security services better at computer hacking. "

Indian Government also has to review its export import policies to China in respect of any thing related to electronics and communication. Indian Companies need to be restrained from locating software development facilities in China and also from recruiting Chinese personnel in the Indian projects. Similarly, import of electronic equipments with Internet capability from China needs to be regulated. At the ISP level, any outgoing traffic to Chinese IP addresses need to be subjected to strict monitoring. India should also work for an International treaty for monitoring internet traffic to China in which countries agree to monitor the outbound traffic to China so that any redirected traffic can also be regulated.

Related Article: moneycontrol.com : Also see : China Cyber Risk.. Action Required from CERT In by Naavi

South Korea sets up a Cyber War Center

It is reported that South Korea in its bid  to ward off  cyber attacks has set up a Cyber War Center under the Ministry of Defense which along a cyber police force will be charged with protecting government organizations and economical subjects from hacker attacks. It appears that they have already hired 3000 cyber security experts who essentially will be the Cyber soldiers. India needs to follow suit. Related Article

China Reacts to Google Issue

January 20: China has reiterated its commitment to Internet Censorship which it holds as the key to differences with Google. Related Article:  Article: Indo-US cooperation

While Naavi.org appreciates China's rights to define its own policies what we consider a threat is its activities of providing state support to hacking of foreign cyber assets without any provocation. A counter attack to an attack can be termed as "Hot Pursuit" and justified. But what China is believed to be doing is originating an attack in preparation for a future Cyber Supremacy. Even here we would like to focus more on how India should prepare its defense against China rather than simply be critical of China. But we would like all anti Cyber-China forces to come together and form a Cyber Alliance to fight against China. Here it is necessary for Google, Yahoo, Microsoft, Adobe, Cisco and other giants to come together and also rope in ICANN to exert an Internet embargo on China. India should support this and also develop its own "Indian National Cyber Defense Force" with participation of technologists from private sector. We urge the Indian Government to start thinking on how to set up a Cyber Army in India.

Cyber War Alliance Taking Shape?

January 18: The Cyberwar with China on one side and Google on the other side has now got Yahoo joining the Google side. This is the beginning of a global war and it is time to stand up and be counted. Organizations such as Microsoft, Adobe also need to support the alliance of Google-Yahoo. Microsoft may withdraw its software license to Chinese firms though this may be ignored by China since it already has a copy of the Windows source code. Additionally, a resolution need to be moved in ICANN to banish China from Cyber Space by delinking Chinese ISPs from the Domain Name Servers all over the world. This Internet embargo will disable the Cyber war capability of China. Related Report

Internet Embargo Required on China

The dispute between Chinese Government and Google is slowly assuming the nature of a ”Cyber World War” . Now Yahoo has expressed support with Google. If Microsoft also joins the alliance with Google, it would be like the alliance of US, UK and Russia against the Hitler’s regime. Other companies like Adobe, CISCO etc also need to stand up and take sides either for or against Chinese Government. This will be a struggle which will prove if Internet has the power to support democracy against a totalitarian government like China... More

Phishing Fraud Cracked by TN Police

January 17: Cyber Crime division of TN Police recently cracked a Phishing fraud and arrested one of the persons in Adambakkam, Chennai who assisted in the transfer of funds. This investigation was made possible by the Bank providing the necessary particulars in time for the police. It may be recalled that in a similar incident some time back, one of the leading Bankers failed to handover the evidences to the Police resulting in the Police being unable to make progress with their investigations. The Bank is now facing charges under Section 85 for vicarious liability and also an adjudication proceeding under Section 43 for their lapses in not only erasing evidences but because the persons who assisted in the crime were facilitated by the negligence of the Bank in opening the account and walking away with the proceeds.  Detailed Report in Hindu

Electronic Bill Board Hacked

January 16: An electronic bill board in Moscow was hacked and ran a two minute porn video in a public place. It highlights the need for Information Security even  such services.   Report

It is necessary for such service providers in Bangalore including the KSRTC buses to ensure that such mishaps donot occur since it would make them liable for punishment under ITA 2008.

...For a Copy of the E Book on Digital Signatures, Click here

IE Vulnerability used for the Google Attack

January 16: Microsoft has indicated that Chinese hackers might have used a vulnerability in Internet Explorer to hack into Google by a remote code execution. According to the Microsoft advisory, a vulnerability existed as an invalid pointer reference with IE. When a user visited a poisoned website, could gain the same rights on the user's computer as the local user which could be exploited. Related Report: Report in technewsworld : Related report

It may be recalled that Microsoft was forced to deposit  source code on its operating systems with the Chinese Government some time back as a part of a deal to permit Microsoft to sell its products in China. It is possible that Chinese Government may be using this for exploiting the vulnerabilities in windows. Since 2003, Microsoft has agreed to share the source code with the Chinese Government under an agreement. This has enabled Chinese Government to run Hacker Labs to exploit the source code vulnerabilities and lead the global market in Cyber Warfare. Also Read

Underground Cyber Crime Network Busted

January 16: A Pizza delivery agent, Renukanth Subramaniam, a British citizen of Sri Lankan origin has been arrested in London for running a large Underground Crime Syndicate called "Dark Market" involved in the exchange of stolen credit card data. The website available strictly for members offered online tutorials on account take overs, credit card deception and money laundering. It also sold fake ATMs and other devices required for the criminal art. Its 2000 members used web money and a distributed set up for administration of the site. An undercover agent was able to penetrate the network, pose himself as a buyer and trap the offender.... Report in guardian

How Do We Respond to Chinese Cyber Aggression?

January 15: For the last few days, Cyber Space has been presented with a big challenge. We are in a situation where we need to determine the right of Chinese Government to launch attacks on the cyber space of other Governments or Citizens of other countries.

On the one hand Indian Government is embarrassed about the hacking of e-mails of the National Security Advisor and other officials of the PMO in Delhi. At the same time the decision of Google to withdraw from China on account of the illegal Cyber attack on its resources traced to Chinese Government sources has thrown a challenge to the US Government on its ability to protect its citizens.

Now it is the time for the Indian and US Governments to respond to this aggression. ... More

Creating an Insulated Cyber Nation.. China Strategy

January 10: China has introduced a new domain name registration system effective from December 14, 2009 which requires a paper application from the registrants. The registered domain names would be added to a white list and all other domain names would be black listed at the ISP level. The regulations require a copy of business license to be submitted along with the application.

This stipulation is  being interpreted as banning of domain name registration by individuals though it is not clear if this is the intention. If so, this appears to be strategy to create a China domain name space where only registered domain names exist. Though the stated reason is to weed out the pornographic content, it appears that this is an attempt to insulate China cyber space from the rest of the world. In effect the first geographical boundary lines are being drawn in Cyber Space with this move. This could well turn out to be a retrograde step for the Chinese Economy. cnnic notification : CyberLaw Blog

Internet Advertising.. Ads to Visit site being visited!

January 10: Paid advertising is normally placed on Internet to invite audience on other websites to the advertiser's own website. A researcher has however indicated how the Google Ad programme has been used to place ads in the website of clients with links back to the same website and charging them for the ad exposure. It is presumed that it has happened due to use of pop up ads by advertisers and Google perhaps had no hand in this. Though Google may be an innocent victim of a misuse of the facility, it exposes one of the problems in Internet advertising.  Report in zdnet blog : the register.com

CAT 2009 .. Case Filed in Karnataka High Court

January 9: A candidate of CAT 2009 has filed a writ petition in Karnataka High Court to quash the test. The petition is pending admission before the principal bench of the High Court. Report in expressindia

Industry gives a Thumbs Up to ITA 2008

Jan 5: Data Security Council of India (DSCI) has released the results of a study on the State of Data Security and Privacy in the Indian Industry, conducted in association with KPMG and CERT-In with about 150 organizations participating in the survey from both IT and non IT industry. While a copy of the detailed report is available here, some of the notable observations are highlighted here.

It may be noted that Naavi is already in the forefront of a "Techno Legal Information Security Movement" to address these two implementation requirements. During 2010, more thrust would be added  to address some of the concerns indicated in this report.

Phishing Site of PNB

Jan 02: Just as the new year has started, customers of PNB have been greeted with a Phishing mail. The Phished website of PNB looks like this. The original PNB site hosted on pnbindia.com looks like this. The Phishing site tallies with the second page of PNB site at http://www.netpnb.com/index.html. It is interesting to note that the Phished page contains a warning on Phishing. On the log in page, real PNB provides the Phishing alert where as the Phished site provides a link to "Security Alert", both of which point to the same original web page at https://netbanking.netpnb.com/bayimgs/pnbibs/helpfile/SecurityAlert.htm.

Though this publication itself would be a sufficient notification to PNB, a separate e-mail is being forwarded to PNB and hopefully, they would take necessary remedial action. Failure to take necessary action would mean negligence of PNB to follow due diligence as expected under ITA 2008 and would also become an issue that would affect Clause 49 certification in the annual report.

Number Portability for Mobiles

January 02: Number portability across service providers for mobile users in India is expected to be introduced across India in April 2010. Earlier, portability was to be introduced in major cities in January 2010. This has been postponed due to non resolution of some security issues. ..Report

Naavi.org urges the Government to consider "E-Mail Portability" in India across licensed ISPs or E Mail Service Providers. This should enable secure e-mail services to be introduced by new service providers who can then take over the existing e-mail accounts. This may increase the security of e-mails.

The Era of "Cyber Law Aware CxO" is now in India.

Jan 01, 2010: Cyber Laws are the laws applicable to the Cyber Environment. Today's business environment is becoming increasingly dependent on Cyber Space. If an entrepreneur/business manager  has to plan his business today, he  has to go through many challenges.

If we closely analyse these challenges, we will understand how Cyber Law knowledge becomes essential for the business manager at every stage. Whatever business decision he takes revolves around e-strategies and therefore a fair sprinkling of Cyber Laws... More

---

 

Naavi.org is India's premier portal on Cyber Law. It is not only an information portal containing information on several aspects concerning Information Technology Law in India but also represents the focal point of several services around Cyber Law carried on by Naavi.

The first such service is the Cyber Law College a virtual Cyber Law education center in India which provides various courses on Cyber Law.

The second key service is the Cyber Evidence Archival center which provides a key service to help administration of   justice in Cyber Crime cases.

The third key service is the domain name look-alikes dispute resolution service which provides a unique solution for websites with similar looking domain names to co exist.

The fourth key service is the online mediation and arbitration service another unique global service.

The fifth key service is the CyLawCom service which represents the Cyber Law Compliance related education, audit and implementation assistance service.

Additionally, Naavi.org is in the process of development of four sub organizations namely the Digital Society Foundation, Naavi.net, International Cyber Law Research Center and Cyber Crime Complaints and Resolution Assistance Center. Digital Society Foundation is a Trust formed with the objective of representing the voice of Netizens in various fora and work like an NGO to protect their interests. Naavi.net is meant to develop a collaborative distributed network of LPO consultants. International Cyber Law Research Center would support research in Cyber Laws and Cyber Crime Complaints and Resolution Assistance Center would try to provide some support to victims of Cyber Crimes.

Together, Naavi.org represents a "Cyber Law Vision" that goes beyond being a mere portal. Started in 1997, when the concept of Cyber Law was new across the globe, consistent efforts over the last decade has brought Naavi.org to the beginning of "Phase 2" in which the services are ready to reach out to a larger section. This is recognized as the phase of collaborations and growth by association. Naavi.org will therefore be entering into a series of associations to develop each dimension of its vision with an appropriate partner. Individuals, Organizations and Commercial houses which have synergistic relationship with the activities of Naavi.org are welcome to join hands in commercial and non commercial projects of Naavi.org.

Naavi

---

Add Your Comments Here

---

If you would like to know  more about Naavi, the information is available here.

For Any Payments to be made to Naavi online :  Naavi_s Payment Center

RSS Subscription

BLOG POSTS