Year 2013 in retrospect

The year 2013 ended with an intense debate on Bitcoins the virtual currency system that caused lot of ripples in the market. over the last one month, Naavi.org has been full of discussions on Bitcoin to the extent that discussions on other aspects of Cyber Law actually receded to the background.

However if we try to trace the developments on Cyber Law in India during the last year, the following points emerge.

1. Debate on Section 66A:

The controversy on Sec 66A continued during the year ending with a direction from the ministry of communications and information technology that no arrests should be made without the permission of higher officials in the department. Though the reference in the Supreme Court on the constitutional validity of Section 66A is still pending, there has not been any adverse news about the misuse of Section 66A.

2. Karnataka as Cyber Crime Haven

Another issue that on which lot of activity took place but remained unresolved through out the year was the status of Cyber Judiciary in Karnataka. After the December 27, 2011 when the then adjudicator gave out a judicial verdict holding that a “Company” can either be the complainant or an accused under Section 43 of ITA 2000/8, the undersigned has been fighting to get the order reversed. Though the next IT Secretary briefly reopened the case, Axis Bank managed to silence him with a vacation judge’s order of the Karnataka High Court. The Cyber Appellate Tribunal has registered the appeal but has no chair person to conduct proceedings since our Ministry in the center is not interested in appointing anybody but a chosen person who is not acceptable to the Chief justice of India. The Chief Ministers of the State are not concerned that the net effect of this development is that a cyber criminal cannot be prosecuted in Karnataka for most of the violations. Recently a writ has been filed by an advocate in Karnataka High Court to resolve the issue. Probably we may find a solution one way or the other for this imbroglio  in 2014.

In comparison, the Maharashtra adjudicator Mr Rajesh Agarwal was very active through out the year and decided on scores of cases.

3. Frauds on Exporters and  Importers

During the year the Exporters and Importers in India were specifically targetted with an e-mail based attack where the money due to be paid out to a designated business contact abroad or receivable from such a business contact was diverted to fraudster’s accounts. The amounts involved were huge and in most cases the losses have not been recovered since the fraudster is abroad.

4. E Banking Safety

Naavi continued his efforts on campaigning for better safety of E Banking and conducted workshops at RBI as well as some Banks.  During the year RBI also announced the possibility of new Banking licenses to be announced and Naavi has been bringing to the attention of RBI that the technology dependence of Banks is on the increase and it is time to make Cyber Crime Insurance mandatory at least for the new banking licencees.

During the year RBI also tried to issue new regulations which would Dis-Incentivize” the use of cheques and force public to resort to E Banking. Naavi conducted an intense campaign against the proposal which subsequently did not see the light of the day during the year. Hopefully the proposal has been dropped.

5. Bitcoins

Finally during the end of the year the Global Bitcoin conference that was held in Bangalore on December 15 2013 focussed the attention of the entire country on the phenomenon of Cryptocoins. However the publicity attracted adverse attention of the regulators and Enforcement Directorate and Income Tax authorities raided a number of Bitcoin operators in Ahmedabad and Tumkur and launched some enquiries. The full impact of this development will pay out in the next year and may have a huge impact on the Netizens.

The above is just a glimpse of some of the developments and I invite those who are interested to know the details to explore the site further.

In the meantime Naavi.org wishes all its readers a Happy and prosperous New Year.

Naavi

Share Button
Print Friendly

More Credit Card frauds in store

Recently a fraud of Rs 63 lakhs involving  gross negligence by Bank employees not ruling out their involvement. It is said that the Bank believed that the customer had a sore throat and executed large transactions including closing of FDs and remitting the amount to other accounts based on e-mail requests which were obviously not digitally signed.

See report

This incident indicated how current day Bankers have no idea of their responsibilities to the customers. It is as if a bunch of data entry operators have been designated as “Bankers” not withstanding some of them having MBA qualifications. They think that the entire banking is just punching some keys on the computer. For those of us who have undergone a rigorous training in Banking both on procedures and law, the current situation is completely unacceptable. This is not merely negligence but “Recklessness” for which they alone should be held liable.

Close on the heels of this Banker’s negligence comes a report about how many credit card/debit card accepting merchant establishments are reacting to the latest RBI guidelines that all POS systems should be able to accept the Pin entry for authenticating card payments. Many Banks have made ATM PINs also PINs for debit cards and hence the customers are using one single PIN with which they can pay with debit cards as well as withdraw money from ATMs.

Now it is reported that  many establishments are continuing to keep the POS in the cashier’s counters and asking customers to write the PIN on the back of the bill so that the card entry can be completed by the cashier without the customer needing to move to the counter. Some are asking the PIN orally so that the cashier can enter the PIN in the POS kept some where not easily reachable by the customer.

Any ordinary person should realize that if PINs are being revealed to everyone then any fraudster can easily clone the card, use the PIN and empty the Bank accounts within minutes.

It is clear from the report which comes from Pune but may be happening elsewhere that merchant establishments are expressing their ignorance on the risks. If this is not corrected immediately, we will be seeing that hundreds of card frauds would be happening in the coming days.

Merchant establishments which want to serve their customers at their table have to use WIFI enabled POS systems. Otherwise customers have to be called to the counter and provided with facility to confidentially enter the PIN. If this does not happen, then customers have to be indemnified by the Banks and the Merchant establishments.

Naavi

Share Button
Print Friendly

Bitcoin Regulation.. Where should the focus be?

We have been watching Bitcoin exchange rates growing exponentially at MtGox attracting the attention of regulators both from the point of view of the possible effect on the monetary controls of the Sovereign States and loss of Tax revenue besides the money laundering.

Regulators should also recognize another aspect of the market that could be a cause of worry. That is the growing number of Bitcoin clones in the market. A few days back only 9 bitcoin clones were visible. Yesterday the report was about 53 clones. Today the number of Bitcoin clones appear to have grown to about 142 as this report suggests. (Complete Directory of Crypto Coins)

Since Bitcoin protocol is an open source protocol, we can expect more Crypto currencies to emerge as we go on. In fact many of the “Reward Schemes” operated in the markets can overnight convert themselves into crypto currencies and provide a capital appreciation prospect to the reward points.

Regulators now have to therefore worry not only on Bitcoins, but on all other Crypto Currencies and the dynamics of the issue is is changing so fast that it is difficult for regulators to keep watching any more.

Let’s us now look at some of the major concerns of the regulators.

1. Use of Bitcoins (and all other Crypto currencies) for criminal activities:

Cyber Crimes is an important concern of the community. Today, the Cyber Crime related money laundering transactions is said to be bigger than Drug related transactions. There is therefore a legitimate concern that any system that assists in holding of assets in anonymous and liquid form, movable across the globe in minutes (like BTC) is an obvious choice of the crime mafia.

However the real concern of the society on Cyber Crimes is when money from the physical society is stolen via the Internet. Infact, if a virtual asset of one Netizen is stolen  or lost, the physical society would not be much bothered.  It is only when a person loses his Rupee or dollar balances in his Bank account that the physical society is really concerned.

Hence If Bitcoins are lost by a holder, it is only some body elese in the Bitcoin community who may be bothered and not the physical society regulators.

If the crime syndicate wants to use Bitcoins as the currency for rewarding crimes, they still need to transfer their crime income in Dollars or Rupees to BTCs and vice versa. The concern should therefore be about the “Conversion Point”.

IOW, BTC is not a threat to the society but it is only the convertibility of physical currency to BTC and vice versa which is a matter of concern to the physical society. 

2. Taxing of the Revenue

Governments everywhere are interested in “Taxing” the population and appropriating their wealth so that the Governance can be financed. Whenever they see people making profits in business, they therefore think of how to tax them. If they feel that the profits are earned relatively easily then the urge to tax on a higher tax bracket is more.

Currently the regulators can understand the part of the Bitcoin business which involves buying and selling of BTCs. This is no different from stock market or property transactions. Investors will make either trading profit or loss in the short term or long term. As long as such profits or losses are realized in local currency terms, they can be brought under tax net.

When the stocks remain in BTC form, the regulators need to arrive at a valuation scheme and they may either take the value as prevailing in MtGox or have a system of weighted valuation across a few top Exchanges.

Regulators will however have some difficulty on understanding the nature of wealth creation that occurs in the “Mining Activity”. The value created in the mining activity accumulates in bitcoin wallets which are difficult to trace and it is only when a person declares his holding will the IRS/IT department come to know of the existence of the BTC wealth of the citizen.

However once declared by the miner, it is possible for the tax authorities to value it in terms of the exchange rates and consider it as a property.

The cost of acquisition of the BTC is however not easy to ascertain. The cost of hardware and electricity as well as any other fees paid need to be taken into account just as in any other business. However there is a reasonable way of estimating this based on the calculators that are available. Some uncertainty may still be there when miners adopt innovative strategies to cool the processors and thereby save electricity.

However it would not be difficult for the tax officials to agree upon a cost declaration and allow it as a deduction from the value of the coins created and also agree to tax the holdings on the basis of holdings or on conversion to physical society currency at some point of time in the future.

They may also introduce a condition that unless the costs are declared during the year of operation, they will not be allowed as a deduction on sale in the subsequent years.

Hence taxing of BTC related operations is well withing the grasp of the regulators and can be easily managed.

3. Impact on the Economy

There is one more concern among regulators about whether holding of monetary assets by people as a parallel currency affect the money circulation in the economy and affect monetary policies such as interest rates etc.

This is unfounded since at present the vale of BTC wealth is too small in comparison with the physical currencies floating around.

Even when the BTC holding in an economy goes upto a significant level of say 10 to 20%, what it means is that there would be some “pseudo wealthy persons” in the society who can feel proud that they are millionaires. But their status would be like some property owners who may be sitting on prime property but may not have cash to meet their wealth tax obligations itself.

The wealth has value only when converted into domestic currency and when BTC is sold and coverted to local currency. The wealth then becomes part of the local currency and neither causes inflation or deflation on its own.

I therefore consider that the regulators need not have any worry about the adverse effect of BTC on the economy.

However, I  concede and strongly contend that there is a need to ensure that BTCs are not used as the currency of the Cyber Crime underworld or as the Currency of the criminals for laundering their crime money or for politicians to hoard their ill gotten wealth in BTCs instead of Swiss Banks.

In order to achieve this objective there is a need to regulate the “Exchanges”.  It is necessary for the Governments to ensure that conversion of BTC (Or any other Crypto Currency) to legacy currency of the land or vice versa has to be through a regulated process.

This means that the exchanges have to be “Authorized” and there has to be a proper “Record Keeping including an effective Know Your Customer norm” and “Record Submission to authorities”.

I suggest regulators to start thinking in this direction but otherwise let the crypto currency system to thrive on its own steam.

In fact if more Indians can start BTC mining, then ISPs would be happy with the higher bandwidth usage. Power sellers would be happy with higher capacity utilization ( I assume that power shortage is not an issue at the place of mining). IT hardware industry would be happy since it creates a market for more computers and specialized mining equipments. (Hope this would give a fillip to  computer hardware industry in India!).

More mining in India means more global wealth flow to India and more tax collection by the authorities.

Hope RBI is watching the developments in the right perspective.

There could be a concern however for the environmentalists and those who would like conservation of resources and prioritizing productive uses. The debate could be whether the amount of computing power that is getting diverted into BTC activity is worth the effort. (See the report here). May be this is left to a later point of time when the activity is more significant.

Naavi

Share Button
Print Friendly

Beware of virus riding on Bitcoin

With the exploding interest developing in India on the Bitcoin, the malware writers will be looking at every possibility of using the bitcoin craze to spread viruses and trojans.

Already, spam mails appear to be in circulation trying to entice the Netizens to open infected links to install trojans. A greater risk is through downloads of various programs from the internet some of which seem to be in no way connected with Bitcoin.

It is now known that there are many such downloads where a Bitcoin miner is embedded for mining Bitcoins for third parties botnet” specialzing on bitcoin mining using the victim’s resources.  In this case the Bitcoins generated in the victim’s computer would be credited to the wallets of a third party.

It is necessary for netizens to know that employing such embedded bitcoin miners is  considered a “Computer Contaminant” and such activity is a serious offence in India. Even when approval for the installation of the Bitcoin miner is surreptitiously obtained through the terms and conditions or privacy documents, the Courts are unlikely to approve such clauses in a standard form contract.  The offence imposes both civil and criminal liabilities.

Indian law also provides for collection of compensation for the damages suffered with the installation of a computer contaminant and for determining compensation payable, the wrongful gain made by the person who caused the installation of computer contaminant would be a factor to be considered. This means that the compensation that can be claimed Bitcoins generated by the malicious code includes the value of the Bitcoins generated.

It would be interesting if any such case arises.

Naavi

Related Article

Share Button
Print Friendly

Negligence of Export Promotion Councils, ECGC and Banks lead to Rs 2.35 crore fraud

In what has now become a routine type of fraud, a tobacco exporter  in Andhra has been defrauded to the extent of Rs 2.35 crtores.  Naavi.org recalls its open letter  to RBI and ECGC in its post on July 14, 2013 about the increasing nature of such frauds.

Way back on October 30, 2011, writing in Exim Matters, Naavi in his article “The Law of Internet For Exporters” had highlighted the dangers of relying on unauthenticated e-mails and the possibility of exporters becoming victims of frauds. This was followed up in the next article on the use of Digital Signatures. Had the contents of these articles been properly assimilated by exporters, some of the frauds which we are now facing could perhaps have been prevented.

Again in the July 14, 2013, Naavi.org had highlighted the responsibility of RBI and ECGC on educating Exporters and also black listing some of the destination countries to which fraud remittances are usually sent. No action came forth from these regulators and the problems continued.

In the latest fraud incident the money has been sent not to Nigeria or China or Hong Kong but to USA and Turkey. It therefore appears that these fraudsters have now spread their net across other countries as well. In all these cases the original remittance instructions of an Export or Import order had been altered through fraudulent e-mails. Obviously the original contracts were in the knowledge of banks and therefore they were also privy to the fact that the terms of payment had been changed before the final remittance. This is an easily recognizable modus operandi of these fraudsters and if the Bankers had a reasonable knowledge of such cyber frauds, these could have been prevented.

I therefore place the responsibility for these frauds at the doors of irresponsible and ignorant bankers. The regulators such as RBI and ECGC also has to share the blame for not properly educating the Bankers in this regard.

I therefore suggest that just as the Police in Bangalore have recently pulled up Banks for their lack of security in ATMs, Police in Andhra should pull up Banks in this case by invoking their vicarious responsibility in this regard.

In the meantime ECGC may have to absorb the loss since the Exporter here is also a victim of a Cyber Crime.

Naavi

 

Share Button
Print Friendly

Is Bitcoin legal?

While the Bitcoin system is gaining increased attention in the media, it is essential to debate the legality of the system as per Indian laws.

It is reported that there would be a global conference in Bangalore on December 14th and 15th in which Bitcoin is being promoted in India.

Naavi.org would like to invite comments on the legality of the system as per ITA 2008.

Watch this site for more details in due course.

Naavi

Also Read

Share Button
Print Friendly