Header image alt text

Naavi.org

Building a Responsible Cyber Society…Since 1998

The Motor Vehicles Amendment Bill 2016 which seeks to bring in many changes to the current Motor Vehicles Act has been approved by the Cabinet according to a report. (Refer here) The Bill is yet to be passed into an Act.

The Bill has caught attention of the public from several angles. One aspect that has been making rounds in the WhatsApp circles is the proposed increase in the penalties for traffic violations.

The second important aspect is the protection to good Samaritans proposed in the Bill so that accident victims may get immediate medical attention.

The third noticeable aspect is an attempt to define an “aggregator” like the Olas and Ubers.

According to the proposed section 2 (1A), an “aggregator” means a digital intermediary or market  place for a passenger to connect with a driver for the purpose of transportation”.

There will be a need for the “aggregator’ to get a license under Section 93 of the Act for which guidelines are to be issued by the Central Government. It is also specifically mentioned that the aggregator shall comply with the provisions of the Information Technology Act 2000 and the rules and regulations made there under.

The penalty clause under Section 193 proposes as follows:

“Whoever engages himself as an aggregator in contravention of the provisions of section 93 or of any rules made thereunder shall be punishable with fine up to one lakh rupees but shall not be less than twenty-five thousand rupees.”

“Whoever, while operating as an aggregator contravenes a condition of the licence granted under sub-section (4) of section 93, not designated by the State Government as a material condition, shall be punishable with fine of five thousand rupees.”.

According to these provisions, it would be mandatory for the Aggregators to be compliant with ITA 2000/8 failing which they need to face the possibility of a fine of upto Rs 1 lakh. This will be considered as additional to the penalties that may be imposed under ITA 2000/8 which will kick in when a wrongful harm has been caused by an “intermediary”.

It would be interesting to see how this section will be interpreted in practice.

Let’s watch the developments when the Bill is discussed in the Parliament. It is quite likely that the debate will completely ignore the impact of ITA 2000/8 though for us this is an important aspect to be taken note of.

It is also proposed that a”National Driving License Register” would be maintained (should be available in electronic form) and certain changes like change of address etc can be made electronically.

Also the State Government has been mandated to introduce electronic monitoring of enforcement (legitimizing the use of CCTVs, Speed Guns, body wearable cameras etc for booking offences) for which State Governments need to make rules.

The Central Government and the State Governments can also make rules for  the use of electronic forms and means for the filing of documents, issue or grant of licence, permit, sanction, approval or endorsements and the receipt or payment of money.

Naavi

Reference documents

Copy of the Amendment Bill

Copy of the present Act

 

[P.S: This post is meant for the Academicians and discusses certain theoretical concepts. Professionals in the Information Security domain may seriously dispute some of the concepts and it is considered perfectly logical and welcome.]

Naavi is a techno legal professional and has been thought leader in the field of Cyber Laws in India. Many of the innovative thoughts of Naavi have been expressed through this website and have found practical uses in the form of services.

As an academic practitioner, Naavi has applied his Technical, Legal and Behavioural Science training and education to the field of Information Security to develop his own version of Total Information Assurance (TIA) built on the pyramid model of hierarchy of TIA objectives from Availability to Non Repudiation through different stages of Integrity, Confidentiality, and accountability.

 

Naavi has adopted a model which differs from the traditional model with “Availability” as the foundation while traditional thinking of “Security” places “Confidentiality” as the focus and no hierarchical stacking of objectives. The reasons for the deviation is explained elsewhere and it suffices to say that it is based on the practical implementation thinking process of a business manager and stems from the basic premise that “Information Security is for the protection of the Information Owner” more than “Protection of the Information” and hence decisions are to be guided primarily from the business owner’s perspective and not the perspective of the Information Security professional if the two functions can be distinguished.

Similarly, Naavi propounded the “Theory of Information Security Motivation” based on the “Pentagon model” where he tried to explain the process of how Information Security implementation in an organization can be motivated for implementation by the practitioners. This adopted a closed wall integrated approach concept instead of the hierarchical concept under the premise that all 5 elements of IS motivation need to close in like walls to be effective.

The essence of the theory was that IS implementation cannot be motivated until the five elements of Awareness, Acceptance, Availability, Mandate and Inspiration formed a closed boundary plugging the possible leaks. This included the three dimensions of technology (availability and awareness), Law (Mandate and awareness) and Behavioural Science (Acceptance, Inspiration and Mandate).

Now, in the “Theory of Secure Technology Adoption” Naavi is focussing to study and present how in his view, technology is adopted by people and organizations and what is the role of security in such technology adoption.

Obviously there could be many other studies of similar nature which has thrown up different dimensions of this thought. This is yet another contribution to the academic pool of thought.

I will present some brief thoughts about the theory in subsequent posts and expect others to build on it and develop it with the central thought that “Secure Technology Adoption” has a pattern which we try to understand so that in future product/service developers would take note of why certain technologies get easily adopted and certain technologies get adopted after a lapse of time and certain technologies are shunned by the market.

In developing my thoughts on this subject I would be influenced by what I have read, studied, tought and experienced over time and hence reflect some thoughts of the great thinkers of the past. Such coincidences are incidental and not intentional.

Naavi