"This website is the Wikipedia of Indian Cyber Laws".. A Visitor's remark
For Digital Signature Certificates with Online Training on how to use them securely, Contact firstname.lastname@example.org
Human Bombs Ticking Inside an Organization
May 21: Speaking to an audience consisting of Security officials from different manufacturing industries, Naavi highlighted the need for an integrated PIH approach to Security In particular he referred to the "Human Risks" in corporate entity and highlighted how a Behavioral Science approach can be applied to identify potential insider threats and take steps for derisking. A Copy of the presentation made by Naavi is available here.
Copyright Amendment Bill Comments Invited
May21: A major amendment is in the offing through the Copyright Amendment Bill. While some of the amendments are welcome and are required for the digital era needs, some of the amendments are driven by the industry and may contain many harsh provisions which consumers may find it difficult to live with. In case members of public have views they can submit their views for consolidation as indicated in this article. : Copy of the proposed amendments
Customer Recovers 1.55 lakhs from ICICI Bank
May 18: A spin off from the Umashankar Vs ICICI case in which Mr Davidar, Adjudicator of Tamil Nadu had given a verdict in favour of the customer, in yet another case of security failure, ICICI Bank has returned the defrauded amount to the customer without a legal battle. We appreciate the approach of ICICI Bank in this case for having recognized the security failure. However, this case highlights negligence from Reliance Infocomm and we hope they have also learnt a lesson. .. Details in BL
Renewed Interest in .XXX domain name
May16: Several years ago, Naavi.org had discussed various ways of regulating Porn and one of the suggestions discussed was the creation of .xxx domain name extension pushing all adult websites to this domain. It would then become easy for regulators to block the websites if they want and for the adult content websites to carry on their activity. This was discussed in the article
Threat of Manchurian Chip
May 16: The Australian Security Intelligence Agency (ASIO) is reported to have ordered audit of all Chinese telecom equipments installed in Australia since they are suspected to contain the infamous "Manchurian Chip" to spy on the network. A similar approach is required in India as well. ..More
Google "Street View" draws flak from Privacy Protection Organizations
May 16: Google admitted that it had in its custody information which was picked from public Wi-Fi networks that was a clear violation of privacy norms. It has now requested permission for deletion of the information. It is strange that the Company did not take permission to collect the information but now realizes that it needs permission to delete the same. What Google has done is similar to what NTRO itself did in India snooping on private mobile conversations of politicians. Related Story IE,
Security Certification Agency for Telecom
May 16: The Government of India has taken steps to set up a security certification agency for telecom equipments to meet the perceived threat of telecom equipments supplied from China being a security threat. Mr N Balakrishnan, IISC, Bangalore has been requested to suggest a framework for the agency. This was a long pending requirement and the move needs to be appreciated. At last it appears that the Government of India has woken up to the security threats posed by China. These initiatives appear to be the initiative of the Home Ministry which under the leadership of Dr PC has taken several security initiatives which were being suggested by the security community for a long time and were being ignored.
It is however necessary that the system should not become an instrument of circumventing the current ban on import of Chinese telecom equipments. This requires a structure which is free from political and commercial influence. MORE. Related Story : Security jitters Related story in ET : ZTE meets Home Secretary
Intermediary Liability on Individuals
May 12: An Individual who didnot password protect his wireless routers and allow another to log in in their name and download pirated music has been fined Euro 100 (approx Rs 6000) by a Criminal Court in Germany. Related Story Related Blogpost
Digital Security Consortium
May 10: The recently held global Cyber Security Summit in Dallas, Texas highlighted the need for "Collaboration" in the field of Cyber Security. In India Naavi has been trying to achieve some form of coordination between different agencies and has put up several suggestions for Public-Private Cooperation as well as Cooperation between different private sector agencies and Police Stations. Unfortunately the concept of "Cooperation" is not an easy concept for either the Government agencies not the Private Sector. While the Private sector is always interested with "What is in it for me?" attitude, Government agencies are uncomfortable in any kind of association with the private agencies.
Naavi.org has therefore now embarked on bringing together the NGOs first into a "Digital Security Consortium" and sent out invitations to a few known agencies. It appears that some of these NGO s which are presently engaged in activities connected with Internet are willing to come together under a common umbrella of "Digital Security Consortium". Some additional thoughts on this is available in the April issue of Cyber Laws For CxO.
I invite all interested organizations to contact me to take this concept further.
Gurgaon Police File Case Against BPO
May 9: A case has been reportedly filed against a BPO in Gurgaon for allegedly tapping into the leased line of his neighbor and illegally tapping the bandwidth causing loss to the other company. Cases appear to have been filed under IPC but not ITA 2008. It is however not clear whether the tapping was intentional or accidental and whether it was caused by a mistake of the service provider in wrongly connecting the leased lines. More
Cyber Security Bill in USA mandates FISMA compliance on Civil Agencies.
May9: With effect from October 27, 2009, according to ITA 2008 certain information security compliance requirements were initiated along with a penalty clause. Accordingly, non compliance of ITA 2008 could lead to both civil and criminal liabilities on Indian companies. The already existing SEBI listing guidelines extend the corporate governance requirement of Clause 49 declaration by CEOs to cover compliance of ITA 2008 as well. It is interesting to observe that the Cyber Security Bill introduced in the US on 6th instantIndian companies in the private sector are yet to realize the impact of ITA 2008 and hopefully they will do so shortly. In the meantime, e-Governance agencies also need to voluntarily undertake Cyber Law Compliance audits for their projects and ensure that they donot overlook Techno Legal Information Security for their projects. Related Article
Adjudicators Meet in Delhi
May 9: A National Seminar on enforcement of Cyber Laws was held yesterday. Honorable Chief Justice of India Shri K G Balakrishnan inaugurated the seminar. The seminar is organized by the Cyber Regulations Appellate Tribunal under the leadership of Justice Shri Rajesh Tandon. During his inaugural speech, Chief Justice re-iterated that the Government has the right to block websites for pornography and other violations. (For a detailed discussion on the system of Adjudication, view Cyber Laws for CxOs, March 2010 edition)
Indian Extradited to US for Online Fraud
May 7: An Indian national has been sentenced to 81 months in prison for his alleged role in an international fraud scheme to "hack, pump and dump" online brokerage accounts in the US. Jaisankar Marimuthu, 36, a native of Chennai, who was extradited to the US following his arrest in Hong Kong, was also ordered to pay $2.4 million in restitution by US District Judge Laurie Smith Camp in Nebraska. Related Article
Mumbai Police Arrest Army Man for Child Pornography
May7: Based on a complaint received from Germany, Mumbai Police arrested an army officer for child pornography related activities. He was alleged to have uploaded certain pictures to a website and was also caught downloading and storing obscene pictures. Report in TOI
While we may appreciate the Mumbai Police having acted on the basis of a Complaint from abroad. it is noticed that when publications such as Times of India commit such offences, Police turn a blind eye. (Refer article
Chinese Telecom Hardware Banned
May 7: In a welcome move, Government of India has introduced a need for Security Clearance before telecom equipments are imported from China. This was a long pending demand from security professionals since a large part of Internet modems and ISP equipments are presently being imported from China. Ever since Chinese hardware supplies for Credit Card processing in UK were found to have been implanted with chips which could steal data, it has been pointed out that imports from China are a security threat. The current ban/need for security clearance has to be extended to all telecom and computer imports from China. Additionally, "Exports" from India which could be leading to transfer of technology should also be put on a review. Related Article
ICICI Phishing Fraud Case.. in retrospect
May 7: The Adjudicator of Tamil Nadu jolted Indian Bankers out of their cozy slumber by his decision on April 12, 2010 in the case of Umashankar Sivasubramaniam Vs ICICI Bank. In this case, the adjudicator PWC Davidar held ICICI Bank liable to pay damages to the extent of Rs 12.85 lakh on an alleged "phishing" fraud incident involving fraudulent transfer of an amount of Rs 6.46 lakh. In the ICICI Bank phishing fraud case, the Adjudicator clearly documents reasons why he considers it necessary to hold the bank liable not only to repay the involved amount, but also interest and other expenses.... More.. in searchsecurity.com
US Cyber Security Summit calls for Better Collaboration
May 6: An international Cyber Security Summit in Dallas called for more Public Private Collaboration to develop an international framework for a secureyberspace. It may be recalled that the Bangalore Cyber Security Summit held last year had also highlighted the need for public-private cooperation in Cyber Security and Naavi had presented a paper on "Building Sustainability in Public Private Partnerships". Some of the key Indian officials who missed the Bangalore Cyber Security Summit, have taken the trouble to attend the Dallas summit and perhaps will come back with some action plans for India. Recently Naavi.org has proposed a "Digital Security Consortium" as a means of bringing together Indian entities who are working in Secure Cyber Space which is a step in this direction. Related Article
DNS Queries to be Digital Signature based
May 2: On May 5, the 13 DNS root servers maintained by ICANN for domain name resolution will start exchanging data based on digital signatures. This is expected to improve the security of the system. ISPs are expected to have made necessary changes in their system to be able to properly receive the incoming responses so that the internet services remain unaffected. See related Article
Rules under Sec 43A expected in May 2010
May 1: Speaking at the IBA-DSCI seminar on Security Framework in Indian Banks, Dr Gulshan Rai, Director, CERT-IN indicated that rules under Section 43A is expected to be announced around May 10, 2010. He also indicated that notification of cyber crime incidents by Banks to CERT IN also may be necessary. He also took note that the software vendors are not auditing the banking software from the security point of view.
Security Incident Reporting System for Banks
May 1: RBI Governor speaking at a IBA-DSCI seminar in Mumbai on April 26th called for the setting up of a dedicated institutional set up for reporting of security breach incidents in the financial sector and called upon IDRBT to work towards it. He has reiterated the need for Bankers to upgrade theeir information security measures in the light of threats arising in technology banking. He has also spelt out "Ten Commandments of Security" which the Bankers need to consider. These include employee awareness, policies and procedures, timely security, appropriate investment, business reengineering, modernization, data integrity etc. Naavi's design of ITA 2008 compliance programme addresses all these issues. Watch out for a more detailed note on this.
PR Syndicate honours 'Cyber Law Guru of India', Na.Vijayashankar
PR Syndicate, (an organization of Corporate PR Professionals in Chennai,) celebrated its First Anniversary on 20th January 2007 at Russian Cultural Centre. On the occasion, "Award of Excellence in Public Life" was presented to 'Cyber Law Guru of India' Na.Vijayashankar...More
Naavi's latest book "Cyber Laws Demystified" was soft launched at the Nimhans Convention Center during the Indian Police Congress. The book is a comprehensive coverage on Cyber Laws both ITA-2000 as well as IPR and other issues.
Structured into 24 chapters it also covers the proposed amendments to ITA-2000 in detail as an appendix. A copy of the Information Technology Act 2000 is also appended to the book.
The book also has several individual chapters on the legal issues of Cyber Banking, Cyber Advertising, Cyber Taxation and Cyber Terrorism.
The book is priced at Rs 750/-.
For Enquiries and Bulk orders click here. :
What is Naavi.org?
Naavi.org is India's premier portal on Cyber Law. It is not only an information portal containing information on several aspects concerning Information Technology Law in India but also represents the focal point of several services around Cyber Law carried on by Naavi.
The first such service is the Cyber Law College a virtual Cyber Law education center in India which provides various courses on Cyber Law.
The second key service is the Cyber Evidence Archival center which provides a key service to help administration of justice in Cyber Crime cases.
The third key service is the domain name look-alikes dispute resolution service which provides a unique solution for websites with similar looking domain names to co exist.
The fourth key service is the online mediation and arbitration service another unique global service.
The fifth key service is the CyLawCom service which represents the Cyber Law Compliance related education, audit and implementation assistance service.
Additionally, Naavi.org is in the process of development of four sub organizations namely the Digital Society Foundation, Naavi.net, International Cyber Law Research Center and Cyber Crime Complaints and Resolution Assistance Center. Digital Society Foundation is a Trust formed with the objective of representing the voice of Netizens in various fora and work like an NGO to protect their interests. Naavi.net is meant to develop a collaborative distributed network of LPO consultants. International Cyber Law Research Center would support research in Cyber Laws and Cyber Crime Complaints and Resolution Assistance Center would try to provide some support to victims of Cyber Crimes.
Together, Naavi.org represents a "Cyber Law Vision" that goes beyond being a mere portal. Started in 1997, when the concept of Cyber Law was new across the globe, consistent efforts over the last decade has brought Naavi.org to the beginning of "Phase 2" in which the services are ready to reach out to a larger section. This is recognized as the phase of collaborations and growth by association. Naavi.org will therefore be entering into a series of associations to develop each dimension of its vision with an appropriate partner. Individuals, Organizations and Commercial houses which have synergistic relationship with the activities of Naavi.org are welcome to join hands in commercial and non commercial projects of Naavi.org.
Add Your Comments Here
If you would like to know more about Naavi, the information is available here.
For Any Payments to be made to Naavi online : Naavi_s Payment Center