Comments on the Parliamentary Committee Report on ITA2006
Employee of India Infoline Ltd Alleged in a Cyber cum Financial Fraud
As the Stock markets in India raid high, there appears to a simmering volcano beneath the waves which can blow out any time and create a tsunami which could be sending the markets down crashing.
The indications are available in some of the complaints from investors that are trickling into to CCC_RAC (Cyber Crime Complaints and Resolution Assistance Center of Naavi.org).
The tragedy is that the fraud is a combination of a Financial Fraud and a Cyber Crime. and so complex that there is a danger of the fraud being suppressed under one pretext or the other.
We have come across a few such incidents from Mangalore in which an employee of a well known broking firm India Infoline Ltd is allegedly involved. We also gather that there are many more victims in Mangalore who have suffered from the same broker firm. There are complaints of similar nature on other branches of India Infoline as well as a few other brokers. ..More
Even in Canada there is a felt need for Specialized Cyber Crime Police
Cyber Crimes have been posing a challenge to the Police everywhere and the challenge is getting tougher and tougher. Even in technically advanced countries such as USA, it is felt that the technology aspect of Cyber Crimes is too difficult to be handled without specialization.
A report released last week by a Toronto based market analysis firm International Perspectives, outlines the following key recommendations for the government:
-- Establish a separate agency to deal with cybercrime, which should go beyond a task force housed within a bigger department.
-- Create an oversight body for technical matters in security and investigations. The oversight body should consist of representatives from industry, privacy, security and law enforcement, law and academia.
-- Ensure activity that is currently not recognized as illegal under existing legislation is criminalized as soon as possible. Many types of cybercrime are enforceable under existing legislation, but those that are not need to be addressed.
May be in India too we need to look at an All India Cyber Crime Police Service to effectively deal with the issue of Cyber Crimes.
Beware..Another Harshad Mehta bomb is ticking in the Indian Market.
Indian Stock Markets have been raiding high in recent days with the index reaching record levels. Investors are bullish and more funds are expected to flow in.
CCC_RAC (Cyber Crime Complaints and Resolution Assistance Center of Naavi.org) has received a few complaints of large scale investment frauds committed by a well known Investment broker. The indications are that such frauds have been wide spread and probably fuelling the current bullish trend in the market.
It is therefore time for investors to be prepared for a major shake up in the markets like the one seen in the post Harshad Mehta scam expose.
Investors who are aggrieved by online frauds may contact CCC-RAC with necessary information for guidance through e-mail
Mobile Companies to Scan SMS?
In an interesting developments, it is reported that mobile companies in UK are contemplating installation of software that would scan SMS messages and identify key words. The report suggests that this is being contemplated for commercial reasons such as when the words "hungry" is identified, an advertisement about a local restaurant may be displayed.
Some time back it was also reported that the "Blue Tooth" technology may also be used for advertisement support so that when a blue tooth enabled mobile holder passes across a shop, he would get an advertisement about the shop delivered to him.
These developments look like "Great Fun" but are fraught with serious concerns regarding Spam and would attract serious opposition from Privacy supporters.
A spin off benefit to the "Cyber Crime Managers" is that with these services meant for revenue generation, mobile companies will be admitting technical capability for scanning and filtering messages and hence law enforcement may require them to identify terrorist and criminal communication. Today mobile companies in India are refusing even to install software for IMEI filters and the availability of software for SMS filtering would throw up serious questions about the "Due Diligence" requirements of Mobile Service Providers.
Related Article in timesonline UK
Legislation against Spoofing of Calls ?
The U.S. House of Representatives last month approved legislation that would make it a crime for someone to fake their phone's outgoing information for nefarious purposes.
The "" would make it "unlawful for any person within the United States, in connection with any telecommunications service or VOIP service, to cause any caller identification service to transmit misleading or inaccurate caller identification information with the intent to defraud or cause harm."
Recently, in a TV debate there was a discussion whether there is any law in India which addresses this issue. Naavi was of the opinion that IPC can be applied in such cases as "Impersonation" and "Cheating" and in some cases even Section 66 of ITA 2000 may also be applied. At the same time Naavi also opined that Mobile Service Providers and Portals who do not take reasonable efforts to prevent misuse of the technical facility are liable under ITA 2000.
Indian Express Page Compromised?
Recently, the news of Compromise of Bank of India website resulting in the automatic downloading of Trojans to the computers of visitors highlighted the risk to common men of slack web security by business entities.
Now another interesting incident has come to our notice where the public are being taken for a ride by a spammer. The spammer appears to have introduced a script in one of the web pages of the Indian Express website and any person who visits the page is directed to the website of the spammer...More
CNN IBN Joins in the dis-information Campaign
After TOI it is now the turn of CNN-IBN to start campaign for dilution of the Information Technology Act 2000. The PR mangers who are out to make Information Technology Act 2000 a toothless legislation and give a free rein to Cyber Criminals, are doing an excellent job of manipulating media opinion. The latest to fall prey is CNN-IBN which campaigns for omission of Section 80 of ITA 2000 which provides restrictive powers of arrest to Police. See the Report
Section 80 of ITA 2000 provides that only Police above the rank of DSPs, and only in public places can search and arrest persons only if they are about to commit an offence under the Act. This is a highly restricted power much less than the powers available under CrPC.
If even this power is not made available to Police, then can the Police wait for a Judicial Warrant before every arrest while the criminal takes his time to erase all evidence?
Journalists who are not aware of the real requirements of Law enforcement are passing lose comments on the proposed law and echoing the words of vested interests who want "Business Without Responsibility". ..Naavi
Kudos to the Parliamentary Committee
The Parliamentary committee headed by Mr Nikhil Kumar has done a wonderful job of reviewing the proposed amendments to ITA 2000. Naavi.org has been commenting on this from August 2005 expressing shock and dismay at the proposals which were condemned as "Criminal Friendly" etc. Finally when we had lost all hopes of correction, the report from the Parliamentary committee comes as a very pleasant surprise. We see from the report that CBI has done an excellent job of defending some of the views endorsed by Naavi and the Committee has not been taken in by the untenable arguments of the DIT in certain cases.
We express a strong appreciation of the efforts of the standing committee and hope that the department of IT would see reason and make necessary corrections to their earlier proposals. Details
Also Read the e-book of Naavi released after the Expert Committee's Report hghlighting the weaknesses in the recommendations:
Cyber Regulations Appellate Tribunal
From a perusal of the Parliamentary Standing Committee's report it is learnt that the Government of India has appointed the Cyber Regulations Appellate Tribunal. This information had not so far been publicized and there was no public knowledge of this development. We will try to get more information of the working of the Tribunal at the earliest.
Recipe for Killing Journalistic Ethics
Times of India, a leading News paper in India recently took up a campaign aimed at legislative immunity for Internet Intermediaries. Accordingly, a sensational article titled "Recipe for killing Internet in India" was carried by the news paper on October 17th 2007. This was followed by an editorial on October 18th titled "Don't Chain The Net" .
These articles were picked by media all over the world and an opinion is being created in the global Netizen community that India is trying to pass laws to punish Internet Service Providers for all the content that is whizzing past their network in nano seconds. If one scans the Net, we can find harsh criticism being passed against the so called proposal.
Naavi.org which is India's premier Cyber Law portal has been quick to point out that Times of India report was wrong and probably motivated by considerations other than journalistic ethics. The reasons why Naavi.org comes to this conclusion has been detailed in the article "Please do not try to manipulate public opinion with planted stories"
While I am fully in support of freedom of speech, I also feel that there is a need to promote responsible use of Internet. If promotion of s responsible use of Internet is opposed by leading publications such as Times of India, then it would amount to public dis-service.
We strongly condemn the anti community attitude of a major publication and request the Times of India Ombudsman and the Press Council to take corrective action. Otherwise this will be a "Recipe for Killing Journalistic Ethics"...... Naavi, October 21, 2007 Full Article
You Tube Used to Raise Funds for Al-Qaida..Lesson for Times of India
Times of India which is actively supporting "Internet Intermediary Immunity" through legislative amendments should take note of this news report which indicates that You Tube has been accused by Manla Police of having been used for fund raising by Al-Qaida organizations.
TOI should realize that in opposing the Parliamentary committee's observation on the proposed amendments to ITA 2000, TOI is supporting a situation where You Tube recognizes to acknowledge such illegal activities and to take steps to prevent such misuse.
TOI should also note that You Tube itself acknowledges its responsibility for preventing Crimes through their network in the Copyright area by implementing Copyright filters.
If filters can be introduced for imprinting and identifying watermarks or other identity parameters on a video, can Intermediaries claim that it is not possible to identify and regulate illegal content through appropriate content filters?
What the current ITA 2000 expects as "Due Diligence" is an honest and good faith attempt in this direction.
Can Times of India Editor respond and let the public know why it is creating a global sensation that in India regulation is being mooted to kill Internet?
Cyber Command Vision Discussed in USA
Directors of the Cummings Research Park in Alabama and the newly forming Cyber Innovation Center here shared a mesmerizing vision of where brains, technology, drive and desire can take communities serving national and regional needs.
Experts explained what cyber means to the national and international defense community, as the full electromagnetic spectrum that essentially ties together all the other areas where people live and work and where nations and their militaries defend and fight. That's the land, sea, air and space and then in the world of electrical power, broadcasting and information transmission that is behind almost every part of modern life today.
They also explained how that plays into the development of Air Force Cyber Command, provisionally at Barksdale Air Force Base as a headquarters but permanently here through 8th Air Force and its Cyber-Strike component, and the Cyber Combat Development Center.
Related Article at Naavi.org: Indian National Cyber Security...Challenges
China in Cyber War with USA !
It is reported that Chinese users trying to search on Google, Yahoo and Microsoft websites were being directed to the Chinese search engine. The move is said to be in retaliation for Washington's award to Tibet's exiled spiritual leader the Dalai Lama.
If this is done at the level of Haidu, as some allege, it becomes a Cyber Crime> however, if it is true that it has been initiated by the Chinese Government, it becomes part of Cyber War. Read the Full Story.
It would be interesting to see how the US Cyber Command responds to this challenge.
Brazil Moves Criminal Action Against Google for Offensive Content
Google appears to be in serious legal trouble in Brazil over non cooperation with the authorities regarding content related offences. The head of Google's Brazilian operation is facing criminal contempt charges for refusing to turn Orkut users' data over to police. And next month there is a hearing in a case brought by a São Paulo prosecutor threatening daily fines of $100,000 or the shuttering of Google's Brazil office....Read the full story in wsj
TOI editors may kindly take note how non regulation of Content can lead to proliferation of content related crimes.
Why Times of India is Wrong
By publishing the article "Recipe for Killing Internet in India", Times of India has undertaken a special public opinion mobilization task against the provision of ITA 2000 which provides for vicarious liability for Intermediaries for third party content in certain circumstances. The content of the article consists of mis statements and in parts plain falsehood and is misleading the public. One such statement made in the article is that in other countries the Intermediaries are not liable in similar cases. Here is the reason why Times of India is wrong...Naavi October 19, 2007
Please do not try to manipulate public opinion with planted stories
The news report headlined "Recipe for killing Internet in India" published in Times of India on October 17th has created a small stir amongst Internet and Cyber Law observers in India. This report has been followed up by an editorial today titled "Don't Chain The Net" and an online survey on "Holding Internet Service Providers responsible for what content flows through their network is insane."
With these actions, Times of India has taken a strong position on the issue trying to create a public opinion against the standing committee's reported recommendation.
It appears that the TOI report is a planted story and contains false statements meant to mislead the public. The proposal of the standing committee by any chance is not killing the Internet but the report is definitely killing the credibility of the press... More
A Virtual Kargil Awaits Liberation Attack from Cyber Army
The Russian Business Network (RBN) with a notorious reputation, as "the baddest of the bad" ISPs, which has been identified as the ISP which is hosting more than 50% of the global phishing sites is reported to be behind the last month attack on Bank of India. RBN is reported to almost exclusively attack non-Russian financial institutions and it is said that its leaders' family ties with a "a powerful St Petersburg politician" effectively offer it immunity from prosecution.
Now that there is prima facie evidence on the involvement of this ISP in an attack on a critical target in India, should we not consider a "Hot Pursuit" by our "Cyber Army"?.. if there was one in India !
Related Articles: Infamous Russian ISP behind Bank of India hack : More light shines on RBN
Indian National Cyber Security...Challenges
[A Note presented to the seminar on Challenges for National Cyber Security.. at Bangalore on OCtober 17, 2007]
India is celebrating 60 years of Independence. At this point of time it is natural for us to focus on the security of the nation. In the current Digital era where “Governance” as well as “Business” is increasingly being led by ICT, the discussion on security of the nation is not complete without a discussion of the Cyber Space in which e-Governance and e-Commerce take place.... More
BSNL Admits Tampering
BSNL sources in Patna admitted that telephone lines of some customers might have been tampered with by diverting the connection to PCOS. BSNL has advised customers to keep the phones locked. BSNL has also cautioned BSNL broadband users not to disclose their internet connection password to anybody or use it in email communications to avoid Internet Leeching. ...Details in TOIA
Russian Company Specializes in Cyber Crime Support Services
According to reports of many security firms, there appears to be one company in USSR which hosts support services for nearly half of all the Phishing scams that occur in the globe.
The Company, Russian Business Network in St. Petersburg, is considered a shelter for all illegal activities, be it child pornography, online scams, piracy or other illicit operations according to some security firms who have monitored its activities
It is said that to buy the services of this company one must have established himself as a recognized data thief.
It is wrong to assume that there is no legal remedy against such organized crime syndicates....In the quest for a global Cyber Security strategy, it appears that the network is a fit case for Cyber Armies to attack and disable. More
CCC-RAC receives another Cyber Cheating Case from Bangalore
Cyber Frauds are a day to day aspect of our current generation. Bankers who are the focus of any fraud cannot be ignorant of the different ways and means by which frauds are committed.
Cyber Crime Complaints and Resolution Assistance Center (CCC-RAC) at Bangalore has received information of another Cyber cheating case in which a Doctor has been cheated of US $ 1850 by a Nigerian firm promising a job in a sophisticated hospital at a salary of US $18500. On receiving the employment order the doctor has been asked to pay the amount towards processing of VISA etc and the same has been remitted through Indian Overseas Bank, Bangalore.. More
NPA Hosts Phishing Site
A Phishing fake website of Bank of America website was found to have been hosted in the National Police Academy server much to the embarrassment of the police. The fact was discovered during a survey of phishing sites undertaken by F-Secure.
Details at register.com
Transforming an Idea into a Product
"Ideas ahead of times are difficult to commercialize ...." Naavi reflects on his journey through development of Cyber Law College as a business Article in ET
From time to time, rumours start floating that Swiss cash is about to come back and start honouring its obligations. Initially there were reports about hurricane and the servers being down etc. The latest rumour is that it will start paying return of 33% per month. It also takes the name of HSBC Bank as a likely partner.
Investors may note that most of these news are emanating in blogs maintained by agents of Swisscash who may be under threat of legal action in their respective countries. It is only extending the agonies of the investors. New investors should take care to remain aloof and not be taken in by these false rumours.
Related Articles : RBI and SEBI Oblivious to the Scam....Statesman; smf1948, swisscashupdate
Indian Airforce Day.. Are we Focussing on Information Risks?
The Indian Air force which was established on 8th October 1932 and is celebrating the Air force day today. The developments in technology in Aviation Engineering and Weaponry have brought about significant changes in the warfare technology since the day the Air force was born. These challenges are being met with necessary technology import and indigenous development. However the new dimension in warfare which has been added recently is the "Information Warfare" or "Cyber Warfare".
The critical dependence of the current day warfare on "Electronics" is well known. The electronic gadgets use Information as the raw material and unless this is secured, there is a huge risk in a technology led war. A couple of year's back Indian Air force considered these risks and set up a task force to address the issues. Hopefully substantial developments might have taken place in the Information Management systems managed by the air force though this information is not available on the public domain.
Are we in India ready for a centralized Cyber Space Security Command? Does the aggregation of Cyber Crime Police Stations across the country provide for an umbrella arrangement under which a national Cyber security blanket can be drawn? Does the Private Sector have a role to shield its own little little pieces of cyber space? are some of the issues that will be discussed in the proposed one day seminar on "Vision for National Cyber Security Force" proposed to be held at Atria Hotel, Bangalore on October 17, 2007. The programme is being organized by Digital Society Foundation, Computer Society of India, RV College of Engineering and ITPF. (Delegate form available here)
Internet Leeching ...in Mysore
Following the articles on Internet Leeching and negligence/possible compliance of BSNL in the issue, Mr K S Sudheer writes about his experiences with BSNL and the attitude of BSNL employees to the passwords of customers. ..More
CCA Site..When was it last modified?
We recall the fact that CCA website was off Internet for a few days. (Read: Legal Crisis in the Digital Signature System). The site is now back in action but one of the visitors has sent this interesting observation.
"Could access the CCA Site But the foot note says.."Page last modified on 15 Nov 2006". However on the right hand side the 2007 Root certificate file link logo is posted. Is it not reasonable to assume tht the 2007 certificate gets posted in 2007?. If so why the last modified n 15 Nov 2006?
Can there be any light on this?..
Venkatesh, October 07, 2007
Copy of the home page as on October 07, 2007
Swiss Cash.. 1000 persons lose Rs 60 Crores in TN
According to Sun News today, over 1000 persons in Tamil Nadu have lost over Rs 60 crores. When Naavi.org first reported the scam on July 20, RBI and SEBI were also notified demanding preventive action. However, neither of the two regulators took any preventive action. Even when Securities Commission of Malaysia took action to ban the Swiss Cash website and to arrest the local operator, SEBI did not think it was necessary to make a move. Now if 1000 investors have lost money, a part of the blame has to be taken by the officials of these organizations who failed to do their duty.
Related Article: Swisscash.net .. Clarification sought from RBI/SEBI : Swiss Cash..a scam brewing
The Problem of SMS/Phone spoofing
Just like the Swedish Security professional Dan Egerstad had exposed the security weaknesses in the e-mail communication system in Indian embassies, an Internet user in Ahmedabad by name Mr Pathanjali Vyas created a sensation by publicizing the existence of websites which allow telephone alls and SMS to be put through with any telephone number to be input as the sender's telephone number. He demonstrated the possibility by sending a spoofed SMS by sending an SMS in the name of Mr Sharukh Khan, a celebrity film actor to somebody inviting them for a party. The news was picked up by a TV Channel Headlines Today which carried an extensive discussion on its English and Hindi (Aaj Tak) channels today (October 4, 2007). Naavi also participated in the discussions... More
Beware of this Gmail Phishing
Cyber Crimes are a concern for Netizens all over the world. Amongst the many crimes that are seen in the day to day life of a Netizen, phishing frauds are one which look innocuous but could be preparatory to larger crimes. Hence they deserve more attention than they do at present.
Many of these frauds proliferate since the law enforcement doesnot focus on prevention of such crimes. This is as much the case with Indian Police as perhaps with other countries.
In order to test the response of the law enforcement, Naavi.org brings to the notice of law enforcement in Bangalore, India as well as law enforcement in USA, a recent phishing fraud in the name of google.com. We would like to know how far the law enforcement would be interested in taking suo-moto action in preventing crimes of this nature where it would be extremely difficult for individual victims to pursue a complaint.....More
Legal Crisis in the Digital Signature System
CCA Website Continues to be Off the Net (October 3rd, 2007 11.38 am) for the second day in succession the website of Controller of Certifying Authorities, the root certifying authority in India is down continuing the disruption of the legal system of Digital Signatures and Digital contracts. More
CCA Website goes off the Net?
The website of the Controller of Certifying Authorities at http://www.cca.gov.in is not accessible today (October 2, 2007). Naavi.org had been notified that the Ministry of Information Technology website had not been accessible yesterday. The Ministry site is now accessible. However the CCA site is a different type of website. It is not a mere information site like the Ministry site. It has a legal relevance. CCA is the root certifying authority in India and its digital certificate should be available for downloading at any point of time. CCA is presently responsible for maintaining the online revocation register as well as the online digital certificates issued. If these are not available, it affects the legality of digital contracts to some extent. The non availability of the website therefore creates a serious legal lacuna. It would be interesting to know the reason for the site going off the net.... Naavi, October 2, 2007, (9.00 pm, IST)
PR Syndicate honours 'Cyber Law Guru of India', Na.Vijayashankar
PR Syndicate, (an organization of Corporate PR Professionals in Chennai,) celebrated its First Anniversary on 20th January 2007 at Russian Cultural Centre. On the occassion, "Award of Excellence in Public Life" was presented to 'Cyber Law Guru of India' Na.Vijayashankar...More
Naavi's latest book "Cyber Laws Demystified" was soft launched at the Nimhans Convention Center during the Indian Police Congress. The book is a comprehensive coverage on Cyber Laws both ITA-2000 as well as IPR and other issues.
Structured into 24 chapters it also covers the proposed amendments to ITA-2000 in detail as an appendix. A copy of the Information Technology Act 2000 is also appended to the book.
The book also has several individual chapters on the legal issues of Cyber Banking, Cyber Advertising, Cyber Taxation and Cyber Terrorism.
The book is priced at Rs 750/-.
For Enquiries and Bulk orders click here. :
What is Naavi.org?
Naavi.org is India's premier portal on Cyber Law. It is not only an information portal containing information on several aspects concerning Information Technology Law in India but also represents the focal point of several services around Cyber Law carried on by Naavi.
The first such service is the Cyber Law College a virtual Cyber Law education center in India which provides various courses on Cyber Law.
The second key service is the Cyber Evidence Archival center which provides a key service to help administration of justice in Cyber Crime cases.
The third key service is the domain name look-alikes dispute resolution service which provides a unique solution for websites with similar looking domain names to co exist.
The fourth key service is the online mediation and arbitration service another unique global service.
The fifth key service is the CyLawCom service which represents the Cyber Law Compliance related education, audit and implementation assistance service.
Additionally, Naavi.org is in the process of development of four sub organizations namely the Digital Society Foundation, Naavi.net, International Cyber Law Research Center and Cyber Crime Complaints and Resolution Assistance Center. Digital Society Foundation is a Trust formed with the objective of representing the voice of Netizens in various fora and work like an NGO to protect their interests. Naavi.net is meant to develop a collaborative distributed network of LPO consultants. International Cyber Law Research Center would support research in Cyber Laws and Cyber Crime Complaints and Resolution Assistance Center would try to provide some support to victims of Cyber Crimes.
Together, Naavi.org represents a "Cyber Law Vision" that goes beyond being a mere portal. Started in 1997, when the concept of Cyber Law was new across the globe, consistent efforts over the last decade has brought Naavi.org to the beginning of "Phase 2" in which the services are ready to reach out to a larger section. This is recognized as the phase of collaborations and growth by association. Naavi.org will therefore be entering into a series of associations to develop each dimension of its vision with an appropriate partner. Individuals, Organizations and Commercial houses which have synergistic relationship with the activities of Naavi.org are welcome to join hands in commercial and non commercial projects of Naavi.org.
Add Your Comments Here
If you would like to know more about Naavi, the information is available here.
For Any Payments to be made to Naavi online : Naavi_s Payment Center