Make Your Company HIPAA-HITECH Compliant
Train Your Employees for HIPAA Awareness ::Conduct HIPAA Compliance Audit
Articles on ITA 2008
11 Impact on IT Companies
Overview of Changes between ITA 2000 and ITA 2008 12 Is ITA 2008 more stringent than ITA 2000?
Concern for Privacy Rights Vs National Security- 13 Conspiracy to abort amendments 6 14 IT Companies... It is Time to Act 7 Cyber Cafes under ITA 2008 15 Cyber Cafe Regulation.. Some thoughts 8 16 Rules to be Framed under ITA 2008 by Central Government
Links: ITA 2008 : ITA 2000 Vs ITA 2008 :: ITA 2006 Vs ITA 2008
National Netizen’s Rights Commission Required in India
Estimated Loss on account of Cyber Crimes
January 30: According to a Mcafee study, data theft and cyber crimes have cost globally around US $ 1 trillion (Rs 45,00,000 crores). The estimate is based on the survey done in US, UH, Germany, Japan and China and includes the estimated IP losses. Respondents estimated that they lost data worth a total of US$ 4.6 billion and spent around US $600 million in post incident cleaning up operations. News report
NDTV needs to Apologize
January 29: The recent incident where the NDTV Managing Director, Ms Barkha Dutt has reportedly taken offence to a comment made in a blog forcing the blogger to tender an apology reflects a sad state of affairs where one journalist is trying to curb another. The issue related to the TV coverage of the Mumbai blasts which the blogger called “Shoddy Journalism”. (See posting dated Nov 27, 2008) Subsequently, he is appeared to have been forced to tender an apology having been threatened of a defamation suit by Ms Barkha Dutt.
It is unfortunate that one journalist who should know more about journalistic ethics and freedom of expression decided to use the clout she wields on the blogger.
It is difficult to accept that the blogger’s remarks amounted to “Defamation” and perhaps the strong notice that some lawyer might have drafted on behalf of Ms Barkha must have made the blogger decide that it is not worth fighting against a big channel which also is considered Pro-Government and must have political clout too.This is a clear case of a blogger being intimidated for expressing his honest views.
I urge the Press Council of India to step in suo-motu and take action against this assault on the freedom of expression of a fellow Net Journalist. In the event Press Council thinks that the blogger is not a journalist and not registered with them and therefore not eligible to be protected, then it is time for bloggers to set up a “Blogger’s Association” and seek recognition as a “Collaborative media vehicle”. This collaborative entity should register itself as a “journal” and seek registration with the Press Council.
In the meantime, even without the responsibility to protect a blogger, Press Council should consider that it has a duty to prevent its own members acting unethically and should initiate a disciplinary proceedings against NDTV so that a counter apology from them is obtained. Views and counter views welcome.
Related Article: http://desicritics.org/2009/01/29/055451.php : A blog post : Some Media Responses: IT Examiner : CIOL Times
ITA 2000 Amendments ... Impact on IT Companies
January 27: The substantial amendments passed on December 22/23 by the Parliament has been watched keenly by IT and ITES companies. Many are happy since the resulting ITA 2000 -Version 2008 which we prefer to call ITA 2008 has tried to address the demand for "Data Protection". While the two sections, Sec 43A and 72A directly impact IT Companies dealing with data processing, some of the other sections also have a significant impact on IT companies and could be source of irritation as well.
In case appropriate safeguards and a monitoring mechanism is not immediately set up, there is a grave danger lurking ahead for IT companies and its executives who may become pawns in the hands of law enforcement officers who know where the law pinches and is able to tickle the sensitive spots in the IT industry....More
Beware of this Credit Card Fraud
January 26: A new type of Credit Card fraud has been reported and for the general information of the Netizens, the details are provided here. Details
The e-Gazette Debate
Jan 23: A debate has been launched on whether it is proper for Government of India to charge a fee for downloading gazette notifications from its website http://egazzette.nic.in. After the issue was raised through this site and some e-groups, Naavi has received several views and opinions on the same. In order to expand the scope of this debate, a more detailed note on the issue is presented here and comments from public are welcome. Views received in other fora will also be consolidated here for general information. ..More
Online Child Protection Act Squashed in USA
The US Supeme Court upholding Free Speech considerations decided to squash the 1998 Child Online Protection Act. The act was an attempt to control commercial sites by requiring credit-card access and other devices to screen off minors. The courts concluded that financial filters would have the effect of walling all manner of speech, by imposing costs and screens that imperiled the rights of adults to lawful information. The Act had been framed after the Supreme Court had struck down the Communications Decency Act in 1997.
In 2004, the Supreme Court had said the Act could restrict access to free speech protected by the First Amendment to the U.S. Constitution. In a 5-4 decision, the Supreme Court had sent the case back to the 3rd U.S. Circuit Court of Appeals in Philadelphia to determine whether young people could be protected from online obscenity through software filters. Last year, the lower court decided that software was an equally effective, and less restrictive, way to prevent children from viewing sexually explicit material online. The federal government appealed that decision to the Supreme Court, arguing that half of American homes where children can access the Internet lack filtering software or other technology to block obscenity. The American Civil Liberties Union challenged the law and argued that filters are more effective than a U.S. ban, which cannot be applied to foreign Web sites. The law also failed to cover e-mail, newsgroups, and chat rooms, which are used to disseminate pornography. This week, the Supreme Court dismissed the appeal, in Mukasey v. ACLU, without comment. That prevents the Act from taking effect....... decision
Digital Signatures under ITA 2008-A Blunder Repeated
Jan 19: Information Technology Act 2000 (ITA 2000) had prescribed Digital Signatures based on Asymmetric Crypto system and Hash system as the only acceptable form of authentication of electronic documents recognized as equivalent to "Signatures" in paper form.
When ITA 2000 had been drafted, there was a major blunder in the drafting of Section 35 subsection (3) which made it mandatory for an applicant of a digital signature certificate to enclose a "Certification Practice Statement" along with his application. Naavi.org had pointed out this blunder immediately in the article " Though there was a comprehensive amendment now, the subsections 35(3) and 35 (4) have not been officially corrected and the need for submission of Certification Practice Statement by a digital signature certificate applicant remains in the books.. indicating the gross negligence in the drafting of the Bill. Now this blunder has been accompanied by more avoidable confusions.... More
Post Satyam, Chartered Accountants focus on Fraud Detection
In a quick response to the Satyam incident where a massive fraud was facilitated by either the complicity of or gross negligence of PWC auditors, ICAI has taken steps to bring a higher focus on the development of "Fraud Detection Skills" amongst the Chartered Accountants. Accordingly, Institute of Chartered Accountants of India (ICAI), has introduced new study modules for CAs on ‘fraud and forensic accounting’. Report in BS
Another BPO Fraud Reported From Noida
Even while the new provisions of ITA 2000 regarding Data Protection related liabilities are awaiting notification, yet another fraud in the BPO segment has been reported from Noida. An employee since 2004, the accused, the team leader Edward Burns, manipulated the data available to him to get the client insurance company to pay an unwarranted total amount of 56,560 British pounds (Approximately Rs 41 lakhs) into the accounts of his three associates. These are three London residents, E Maurice, Chi Shigongli and Cheryl Rebiero. He used to manipulate this payment to be paid from the client's "dead'' insurance amounts. He had been carrying out these transactions since 2007. This is a typical Insurance fraud but in the context of the vicarious liabilities of the BPO under Section 85 of ITA 2000 read with Section 66, the BPO may be held liable to pay damages to the person to whom wrongful harm has been committed. It may be recalled that only a few days back another fraud by a Call Center employee of HSBC had been reported from Vishakapatnam where a loss of around Rs 47 lakhs had been stolen when the client had accidentally revealed the PIN to the employee during a conversation.
The incidents again highlights the need for "Appropriate Legal Compliance Initiatives by BPOs" to protect against being held liable for the employee frauds. Report in TOI Vishakapatnam Fraud
e-Gazettes in India
Information Technology Act 2000 enabled the Government to maintain and issue gazette notifications in India in e-form. Though the act became effective in 2000, it was only in May 2008 that the Government of India published the e-gazette. While one can appreciate the efforts even after the delay, it is unfortunate that the Government considers the information provided through gazette notifications as a salable commodity and wants to make profit out of it. While the publication in paper form had a substantial cost which the Government was subsidizing by charging for print copies, the e-copy generation and maintenance cost would be much lower. In this context it is essential that the Government makes the copies available free of charge. I suppose it is the right of a citizen to get copies of the rules of governance contained in the gazette notifications. I hope the Government of India will therefore consider making the gazette notifications free.
Powers of State Governments Redefined by ITA 2008
Jan 10: Section 90 of ITA 2000 (which has been continued in ITA 2008 also) empowers State Government to make “Rules” for the purpose of implementing the provisions of the Act. There is a specific mention of the section 6 which was in relation to e-Governance requirements such as filing of forms, granting of licenses, receipt of money etc.
In ITA 2000, there were not many powers conferred on the State Government other than the e-Governance provisions under Section 6 and to a limited extent the powers given to Police as a State Controlled body under Sections 76,78 and 80. Under ITA 2008, the words “..without prejudice to the generality of the foregoing power..” used in Section 90 (2) assumes a greater meaning now since ITA 2008 envisages a lot more responsibilities and powers to State Governments under the amended provisions. ..More
Cable Regulation Act to enforce strict censorship
As a sequel to the live telecast of Mumbai terrorist attacks, which was used by the terrorists to plan their actions, the Government of India has come up with a move to censor the operations of TV and Cable operations through an amendment to the Cable TV Regulations Act. Related Article. It is reported that the proposal will be kept on hold for the time being at the intervention of the PM.
Indo Pak Cyber Wars
Here is an interesting article on Cyber wars. Though the incident mentioned is old, the security situation might not have changed much. In the ITA 2008, responsibility is being assigned to what is referred to as the Indian Computer Emergency Response Team as the nodal agency for securing the critical information infrastructure. It is expected that the current division of DIT referred to as CERT-In may itself be formally designated as the Indian Computer Emergency Response Team. We have to wait and see what sort of security infrastructure would be created by the organization to protect the cyber assets such as BARC network etc.
Cyber Stalking is an offence which until recently was not an offence recognized in India. IPC covered some aspects of harassment which involved sexual overtones only and hence the larger part of Cyber Stalking did not get covered under law. Now ITAA 2008 has provisions under Section 66A (c) has necessary provisions to make Cyber Stalking an offence with three year's imprisonment and fine. Here is a useful article on Cyber Stalking
Pakistani media train their guns on India through Satyam
It is not surprising that the Satyam scam will be used by India bashers to discredit India and its growing IT industry. It is therefore not surprising that Pakistan should try to use the issue to discredit Indian IT industry. The article in Lahore tech referred to here tries to link the earlier World bank related security breach incident to the possible political clout of Mr Raju and tries to conclude that Satyam was a partner in an espionage activity. This underscores the need for Indian industry to ensure that we all contribute in turning around Satyam incident from being a cause for depression and helpless ness into a building block for fortifying our country's image as an IT major. Just as the 26/11 Mumbai attacks have changed the psyche of our country on the issue of terrorism, this incident should make our IT industry stronger from the information security angle.
Copy of article at lahoretech: Related articles in naavi.org:
Whither Earlier Amendments to IPC and IEA?
January 10: In the original ITA 2000, there were sections 91,92,93 and 94 which were linked to Schedules 1,2,3 and 4 and addressed the concurrent amendments made to IPC, Indian Evidence Act, Bankers Book Evidence Act and RBI Act. ..Now in the present amendments, Sections 91 to 94 have been omitted. ..This process has created a doubt about whether the omission of Sections 91 to 94 of ITA 2000 has the effect of repealing the amendments proposed by these sections and reverting the IPC and IEA to the pre-ITA 2000 status...More
Chartered Accountants call for action by ICAI on Satyam Auditors
Jan 10: The Satyam scam has left a deep scar on the credibility of the auditors who audited the financial statements of the Company. On 9th January, a seminar at Bangalore organized by the SIRC, saw a huge gathering of Chartered Accountants assemble to discuss the IFRS, the new accounting standards to be adopted in India in the coming years. The CFOs of Infosys and Wipro were the main speakers at the seminar. The gathering made many observations and suggestions to ICAI in the light of Satyam fraud which calls for immediate attention from ICAI. ...Details
Mumbai Police to initiate action to secure private WiFi connections
Jan 10: Mumbai police have announced that they would undertake an exercise to detect open WiFi connections by patrolling the streets with WiFi detectors. As a public education exercise the move is good. We hope that it would not be used to harass domestic users of Internet. On the otherhand, liability in cases of unsecured connections should be pinned on the ISPs who donot educate the users. Related Articles
Amendments to ITA 2000 Cyber Crime Friendly?
Mr Pavan Duggal one of the country's experts in Cyber Law has come down heavily on some of the provisions of ITA 2008 which make offences "Bailable". (We may note that they are also compoundable). He has also rightly opined that making Section 66 offence conditional to "having no permission from the owner of the system" would also weaken the law. Probably we may need to manage these contradictions under a proper interpretation of the term "Permission" under Section 43. Accordingly, when a person is given permission to "access" a computer system, it cannot be considered as a "Permission to diminish the value of information residing inside the computer". With this interpretation, it may be possible to apply Sec 66 in most cases. What however restricts its applicability is the condition that the action of the accused should be done "Dishonestly" and "Fraudulently" and the onus of proving the same is on the prosecution. Article in BS
Cyber Cafes under ITA 2008
Jan 07: Information Technology Amendment Act 2008 has made many significant changes in the prevailing laws of cyber space applicable in India, one of which is regarding Cyber Cafes. In the New Act (To be effective after notification) after amendments which we refer as ITA 2008 has however provided a specific definition for the term "Cyber Cafe" and also included them under the term "Intermediaries". Several aspects of the act therefore become applicable to Cyber Cafes and there is a need to take a fresh look at what Cyber Cafes are expected to do for Cyber Law Compliance... More
Punjab Police Steal a March in e-Governance
Jan 07: Punjab police are reported to have started registration of FIR online. This is one reform which Naavi.org has been advocating over a long time as a Citizen Friendly e-Governance service. Karnataka made a beginning with an online complaint filing system but it falls short of the Punjab initiative. We congratulate Punjab police on the move. Report in TOI
Auditing of Documents- Information Technology Act 2000 Amendment
Jan 07: The amended Information Technology Act (ITA 2008) has brought a significant change in the E-Governance related provisions in the Act. In ITA 2000, enablement of e-Governance had been provided through sections 6, 7 and 8. In ITAA 2006, a new section Section 6A had been proposed. Now on the recommendations of the Standing committee, section 7A has also been added.
In some cases of e-Governance, it may not be possible to comply with this provision fully in respect of legacy documents. There would be a need therefore for giving a prospective effect to this provision.
This is an interesting opportunity for the IT industry which needs to come out with necessary solutions. Naavi would be keen to work with an IT Company for the development of this CyLawCom product and invite proposals from interested parties. ...More
PR Syndicate honours 'Cyber Law Guru of India', Na.Vijayashankar
PR Syndicate, (an organization of Corporate PR Professionals in Chennai,) celebrated its First Anniversary on 20th January 2007 at Russian Cultural Centre. On the occasion, "Award of Excellence in Public Life" was presented to 'Cyber Law Guru of India' Na.Vijayashankar...More
Naavi's latest book "Cyber Laws Demystified" was soft launched at the Nimhans Convention Center during the Indian Police Congress. The book is a comprehensive coverage on Cyber Laws both ITA-2000 as well as IPR and other issues.
Structured into 24 chapters it also covers the proposed amendments to ITA-2000 in detail as an appendix. A copy of the Information Technology Act 2000 is also appended to the book.
The book also has several individual chapters on the legal issues of Cyber Banking, Cyber Advertising, Cyber Taxation and Cyber Terrorism.
The book is priced at Rs 750/-.
For Enquiries and Bulk orders click here. :
What is Naavi.org?
Naavi.org is India's premier portal on Cyber Law. It is not only an information portal containing information on several aspects concerning Information Technology Law in India but also represents the focal point of several services around Cyber Law carried on by Naavi.
The first such service is the Cyber Law College a virtual Cyber Law education center in India which provides various courses on Cyber Law.
The second key service is the Cyber Evidence Archival center which provides a key service to help administration of justice in Cyber Crime cases.
The third key service is the domain name look-alikes dispute resolution service which provides a unique solution for websites with similar looking domain names to co exist.
The fourth key service is the online mediation and arbitration service another unique global service.
The fifth key service is the CyLawCom service which represents the Cyber Law Compliance related education, audit and implementation assistance service.
Additionally, Naavi.org is in the process of development of four sub organizations namely the Digital Society Foundation, Naavi.net, International Cyber Law Research Center and Cyber Crime Complaints and Resolution Assistance Center. Digital Society Foundation is a Trust formed with the objective of representing the voice of Netizens in various fora and work like an NGO to protect their interests. Naavi.net is meant to develop a collaborative distributed network of LPO consultants. International Cyber Law Research Center would support research in Cyber Laws and Cyber Crime Complaints and Resolution Assistance Center would try to provide some support to victims of Cyber Crimes.
Together, Naavi.org represents a "Cyber Law Vision" that goes beyond being a mere portal. Started in 1997, when the concept of Cyber Law was new across the globe, consistent efforts over the last decade has brought Naavi.org to the beginning of "Phase 2" in which the services are ready to reach out to a larger section. This is recognized as the phase of collaborations and growth by association. Naavi.org will therefore be entering into a series of associations to develop each dimension of its vision with an appropriate partner. Individuals, Organizations and Commercial houses which have synergistic relationship with the activities of Naavi.org are welcome to join hands in commercial and non commercial projects of Naavi.org.
Add Your Comments Here
If you would like to know more about Naavi, the information is available here.
For Any Payments to be made to Naavi online : Naavi_s Payment Center