Baazee.com Case Update
May 29: The Delhi High Court on 28th instant reportedly allowed proceedings against Avinash Bajaj, managing director of Baazee.com, for allowing an auction of a pornographic video clip involving two students on his website. Proceeding under sections 67 (publishing of information which is obscene in electronic form) and 85 of the Information Technology Act, which fixes the responsibility of a person for the conduct of business of the company as well as the company have however been allowed.
However, the court quashed the criminal proceedings against him under sections 292 (sale of obscene books) and 294 (obscene acts and songs in public place) of the Indian Penal Code (IPC).
From the point of view of Baazee.com this appears to be a positive development since the the Company/CEO was under two main risks one from IPC and the other from ITA 2000. The proposed amendment to ITA 2000 was already addressing the issue of removing the liabilities under ITA 2000. Though this has been stalled by the Parliamentary sub-committee, it appears that the amendments are being re-introduced without all the changes proposed by the sub-committee. Now that the foucs in the Baazee.com litigation is entirely on the ITA risk, there is a possibility of the amendment process being expedited.
In view of the high profile nature of the Case there is every possibility of the law being twisted or the judiciary being misled. One needs to wait and watch the developments of this landmark case. It is not clear why why the charge was dropped under Sec 292.
Was it because the video clipping was not considered a "Material equivalent to Paper document" covered by IPC?. Was the content not deemed "obscene"? Was the act not considered "putting the obscene material into circulation"? Was there no "Receipt of Profit"? Was it not amounting to "Advertising and Promotion"?
In case the spirit of Section 4 of ITA 2000 (legal recognition of electronic documents) had been considered, it would have been difficult to reject the charges under Sec 292. If the rejection is due to an inadequate pressing of charges by the Police, there is a danger of the case turning out to be a misleading precedent.
Public has to be vigilant since there is a possibility of disinterest sneaking into the prosecution after the change of guard and may result in a verdict without a thorough analysis of the legal points involved. More
Seeking Due Diligence From CERT
May 28: Yesterday, existence of a sinister website was brought to the notice of Naavi.org. It was felt that the website was of such nature as to warrant immediate criminal action against the owners. However in order to find out the owners, there is a need for a thorough investigation which can be done only with the intervention of CERT and CBI. Naavi.org has therefore brought the need for action to the notice of CERT. However, the current procedure require such requests to emanate from either the DGP of a State or an appropriate Court etc and there is a possibility that if CERT decides to stick to the procedure, action would be delayed.
We therefore request through these columns that MIT amends its procedures for receiving complaints by CERT by enabling public spirited persons lodge complaints directly with CERT. Simultaneously, in order to ensure prompt action in deserving cases, CERT should be made responsible to file a "Compliance Statement" on all public complaints received, preferably through a transparent web based information system.
It may be recalled that the ongoing ITA amendment exercise seeks to make CERT a powerful apex authority for Cyber Security in India with quasi judicial powers. At the same time there is a public demand for RTI coverage of Judiciary. Under such circumstances it is necessary that CERT should take voluntary steps to open its doors of complaint to the public and to respond them in a professional manner.
We hope that "Due Diligence" which is mandated on all IT users under ITA 2000 is also mandated for CERT so that in the event no action is taken by CERT when it was warranted, it would be deemed as a violation of ITA 2000.
E-Discovery is the Responsibility of Police
May 28: One of the frequent problems faced by Cyber Crime Victims is that they are often unable to find out who the offenders are. Hence when they approach a Cyber Crime Police Station with a complaint, their complaint will often speak only about the impact of a crime. They will often not know how the criminal operated, how he accessed the victim's e-mail or Bank password, who was in fact the criminal etc. Some traditional Police men often refuse to register complaints without full information. In cases where the jurisdiction of the Police Station is divided between ITA 2000 crimes and Other crimes, Police insist that the victim prove that the offence comes under their jurisdiction before the case is registered. This being not possible, the victim often is unable to pursue his complaint. In this context the report that Yahoo has sued a group of "Un
known Phishers" under Trademark law. In the Court filing,
"Phlashing" a New threat
May 27: Information Security experts are now alerting the users about a new security threat termed "Phlashing" which is an attack on the Network Enabled Embedded Devices (NEEDS). These devices may be attacked under a PDOS (Permanent Denial of Service ) by uploading a purposefully corrupted BIOS into a device, causing the system to crash. Depending on the configuration of the network in question, strategically crashing a small handful of routers could bring down a network or business. Report
May 27: Whistleblowers are an important part of a security plan implementation. It is therefore necessary to nurse this community and develop a suitable system by which the whistleblowers are protected from harassment. At the same time one cannot underscore the need for whistleblowers to follow a system of disclosure which does not unfairly defame the employer or put the information of innocent bystanders at additional risk. In the recent Dan Egarsted incident, the security professional who captured the sensitive e-mail passwords of several Indian diplomats posted the information on a public website. Though this was stated to have been done after due notice to the Indian Government and their inaction, thoughts did remain if the security professional could have used a less sensational exposure. Now it is reported that an employee of a an US Retailer TJX has fired its employee who tried to expose the shoddy security practices at the Company and his futile attempts to correct the same. Report at theregister.com
Here again while one appreciates the public concern of the employee, a thought should be spared on whether it was ethical for the employee to expose the information while still in service.
Probably we need to develop
a) A code of ethics for IS Whistleblowers
b) An IS Ombudsman for Whistleblowing
The role of an ombudsman here is to enable the whistleblower to identify himself without the employer being necessarily coming to know of the identity of the whistleblower while at the same time regulating the exposure probably with a due notice to the employer. Suggestions in this regard are welcome at firstname.lastname@example.org
Social networking Sites under a scanner
May 21: The recent indictment of a 39 year old lady in Missouri (US) for causing the suicide of a 13 year old girl has opened up a new debate in US on the need to control Cyber Bullying through social networking sites such as MySpace or Orkut. There is a demand for changes in law to ensure that intermediaries take sufficient precautions to prevent misuse of their sites. The words of the Missouri governor who stated “Social networking sites and technology have opened a new door for criminals and bullies to prey on their victims” need to be noted by those in India who are clamoring for changes to Section 79 of ITA 2000 to make Intermediaries not liable for any offences committed in their network. Report in the national.de
UK To Mandate Data Retention by Intermediaries
May 21: UK is all set to mandate by law that ISPs should keep access data for a period of 1 year and make it available to Police on court directions. The rule will also apply to telephone companies and cover the origination, destination, duration of call etc but not the content.
In India, this is being achieved through a combination of DOT guidelines along with Section 65 of ITA 2000. The DOT guidelines makes holding access records for one year as a part of licensing terms. Section 65 states that not maintaining information mandated by law would be punishable with 3 years imprisonment and a fine of RS 2 lakhs. Together the provisions meet the UK provision.
It may however be remembered that EU police have requested for maintenance of such data for at least 7 years and the proposed provision therefore falls much short of the requirement for law enforcement.
Child Safety Gets Greater Focus
May 20: Some of the recent developments including suicides of children promoted by websites, the need to secure children online has received greater focus in the community. Naavi.org has started some new initiatives with Indus International School for a systematic Cyber Safety plan for large schools. Even professional security professionals have started looking at specific security measures to monitor activities of Cyber bullying on social networks. It is reported that a new start up,
Satyam in Patent Dispute
May 19: Satyam Computers Ltd is embroiled in a serious legal dispute which has the potential for creating a huge damage to the company. The dispute is generated by a patent claim by one of the clients of Satyam which has now turned into an accusation of forgery, mis-representation etc. The client has now filed a suit for damages of US $ 1 billion. More info Copy of the UK Court judgement on Jurisdiction
Lack of knowledge of Patent laws by the employees of Satyam has resulted in this huge potential liability.
The incident should be an eye opener to all Indian Companies who are ignoring Cyber Law Compliance audits and employee awareness creation.
Google Obliges Indian Police
May 19: Google
The reports indicate that the case has been filed under Section 292 of IPC and Section 67 of ITA 2000. These sections relate to content which is "Obscene" and which tend to deprave or corrupt the minds of persons who are likely to see the content. It is not clear what was the objectionable content that warranted the arrest. In case the objectionable content is only about "expression of hate", it cannot be charged under Section 67 of ITA 2000.
Cyber Bully Indicted
May 19: In October 2006, a 16 year
Now Lori Drew has been indicted on charges of Conspiracy and
Cyber Cafes and Cyber Crimes
May 18: The arrest of an owner of Cyber Cafe and confiscation of computers following the Jaipur blasts is yet another reminder for the Cyber Cafe owners that they have a huge role to play in the fight against terrorism in India. The least every Cyber Cafe should do is to keep a daily record of visitors in the form of a video capture. Additionally Cyber Cafes need to be linked up to a central cyber cafe monitoring cell of the Police for real time investigations on call. These measures may not stop terrorism but will stop use of Cyber Cafes by terrorists. Choking the resources that help in terrorist activities is a step in the direction of reduction of terrorist activities.
It is also time for the Cyber Crime investigators to establish a hot link with e-mail providers for real time investigation of e-mail tracking.
It is needless to say that Police need to be properly trained so that they are not fooled by e-mail spoofing resulting in arrests of innocent persons.
Related Article in TOI
"SENSEX" Challenged in a domain name dispute
May 11: The case filed by a Stock market analyst Mr Deepak Manohar Mohoni on Bombay Stock Exchange (BSE) challenging the trade mark application of BSE in Mumbai has attracted a nationwide attention rising several issues on trade mark rights. ...We are all aware that BSE is a large organization with a huge financial resource to fight its case upto the highest Court in the country if required. ... There is therefore a danger of the case getting decided in favour of money power than the merits of the case.
Naavi.org as a crusader of the cause of the e-downtrodden requests support from the media and other quarters for Mr Mohoni who has on record stated "... he does not have a problem with anyone using the term, as long as no one claims exclusive rights to it.".
Recently, when Naavi had to take up a defense on behalf of a domain name registrant who had registered a domain name "sensex.in" against an arbitration complaint raised by BSE,...we place on record some of the information we had gathered during the arbitration defense so that BSE is not able to mis-represent facts. ...Details
Wife Frames Husband by Hacking
May 07: An interesting case has been reported from Hyderabad where a wife has reportedly hacked into her husband's e-mail and sent false e-mails to herself and her parents to frame the husband in dowry harassment case. Report in Siasat
Naavi.org has been receiving reports about a number of incidents of e-mail use and abuse in section 498A cases. It is necessary to understand that e-mails may be used as evidence only of they are properly certified. Cyber Evidence Archival Center is providing the necessary certification service which also examines to a reasonable extent if the e-mails are fraudulently constructed and this is very important both for defense as well as for using it as evidence against some body else. For more details contact email@example.com or visit www.ceac.in .
BSE Faces Challenge Over SENSEX
May 06: A news paper report states that a case has been filed against Bombay Stock Exchange over the rights to the word "SENSEX", by a Stock Market Analyst. It is stated that a Veteran stock market analyst Deepak Madhukar Mohoni has staked his claim to the term, saying that he coined it as far back as November 1989 when he started contributing articles to the magazine, Business World. Recently BSE launched a domain name claim on www.sensex.in owned by a Mumbai based registrant claiming that it had registered a Trade Mark in USA. A strong counter defense has been put up by the registrant amongst other things challenging the trademarkability of the word SENSEX. Report in DNA Report in CNN IBN
Meeting the Chinese Cyber Insurgency Threat
May 06: The recent news reports about the Chinese hackers invading the Indian cyber space has opened up the debate on "Cyber Wars" yet again. ...Naavi proposes the following suggestions for national debate and wish this is taken up seriously by the persons concerned with National Security....We need to develop an Indian National Cyber Security Policy document .... While different agencies present and to be formed , in public and private sector can be assigned the role of securing ... individual segments, the Policy should ensure that there is a "Unified Command " and a "Collaborative Structure" with appropriate "Incentives" for the users. ...More
Indian Army Gears Up for Cyber Warfare
May 02: Indian Army Commander's Conference has reportedly has decided to boost the "cyber-security" of its information assets down to the division-level to guard against cyber warfare. The recommendations include measures against data theft and periodical information security audits. TOI Report
PR Syndicate honours 'Cyber Law Guru of India', Na.Vijayashankar
PR Syndicate, (an organization of Corporate PR Professionals in Chennai,) celebrated its First Anniversary on 20th January 2007 at Russian Cultural Centre. On the occassion, "Award of Excellence in Public Life" was presented to 'Cyber Law Guru of India' Na.Vijayashankar...More
Naavi's latest book "Cyber Laws Demystified" was soft launched at the Nimhans Convention Center during the Indian Police Congress. The book is a comprehensive coverage on Cyber Laws both ITA-2000 as well as IPR and other issues.
Structured into 24 chapters it also covers the proposed amendments to ITA-2000 in detail as an appendix. A copy of the Information Technology Act 2000 is also appended to the book.
The book also has several individual chapters on the legal issues of Cyber Banking, Cyber Advertising, Cyber Taxation and Cyber Terrorism.
The book is priced at Rs 750/-.
For Enquiries and Bulk orders click here. :
What is Naavi.org?
Naavi.org is India's premier portal on Cyber Law. It is not only an information portal containing information on several aspects concerning Information Technology Law in India but also represents the focal point of several services around Cyber Law carried on by Naavi.
The first such service is the Cyber Law College a virtual Cyber Law education center in India which provides various courses on Cyber Law.
The second key service is the Cyber Evidence Archival center which provides a key service to help administration of justice in Cyber Crime cases.
The third key service is the domain name look-alikes dispute resolution service which provides a unique solution for websites with similar looking domain names to co exist.
The fourth key service is the online mediation and arbitration service another unique global service.
The fifth key service is the CyLawCom service which represents the Cyber Law Compliance related education, audit and implementation assistance service.
Additionally, Naavi.org is in the process of development of four sub organizations namely the Digital Society Foundation, Naavi.net, International Cyber Law Research Center and Cyber Crime Complaints and Resolution Assistance Center. Digital Society Foundation is a Trust formed with the objective of representing the voice of Netizens in various fora and work like an NGO to protect their interests. Naavi.net is meant to develop a collaborative distributed network of LPO consultants. International Cyber Law Research Center would support research in Cyber Laws and Cyber Crime Complaints and Resolution Assistance Center would try to provide some support to victims of Cyber Crimes.
Together, Naavi.org represents a "Cyber Law Vision" that goes beyond being a mere portal. Started in 1997, when the concept of Cyber Law was new across the globe, consistent efforts over the last decade has brought Naavi.org to the beginning of "Phase 2" in which the services are ready to reach out to a larger section. This is recognized as the phase of collaborations and growth by association. Naavi.org will therefore be entering into a series of associations to develop each dimension of its vision with an appropriate partner. Individuals, Organizations and Commercial houses which have synergistic relationship with the activities of Naavi.org are welcome to join hands in commercial and non commercial projects of Naavi.org.
Add Your Comments Here
If you would like to know more about Naavi, the information is available here.
For Any Payments to be made to Naavi online : Naavi_s Payment Center