"This website is the Wikipedia of Indian Cyber Laws".. A Visitor's remark
For Digital Signature Certificates with Online Training on how to use them securely, Contact email@example.com
Dell Employee Accused of Privacy Violation
July 31: In a case of misuse of privileged position and Trust, an employee of Dell Support System in Mumbai is alleged to have violated the privacy of an US woman who called the Dell Support to help recover some lost files in her computer and provided remote support access to her computer. The offence is recognized under several sections of ITA 2008. detailed story : techgoss report
The incident is that it is clearly a violation of several aspects of ITA 2008 and both the Police as well as the adjudicator can take suo moto action. Company can (perhaps should) initiate internal action. Police of course would hesitate to take suo moto action and would prefer the victim to lodge a complaint. Hopefully an e-mail complaint would be sufficient.Further action and conviction may also require forensic evaluation of the evidence available.In case the victim so prefers, she can launch action for compensation with the adjudicator against DELL itself invoking Section 85 of ITA 2008 along with Section 66,67,72A etc.
Adjudicator of Maharashtra can also take suo moto action based on the information available if forwarded to him. He can also order his own enquiry and demand that the Police may investigate and submit a report to him. However awarding of compensation could be only on the basis of the victim's claim.
July 29: Naavi is addressing a CII Webinar on ITA 2008 today the 29th July at 2.30 pm. More information is available here
Snooping on GSM Conversations is easier
July 29: A security expert, Chris Paget, has announced that he will present a method for snooping on GSM conversations with a hardware costing just around US $ 1500/- and the use of open source software. Thousands of hackers are expected to attend the conference in Las Vegas that starts on Friday, where researchers like Paget will disclose security vulnerabilities in systems from cell phones and business software to systems that run the electrical grid. What this will mean to security in Mobile Commerce is to be assessed. Details
Average Corporate Loss on Cyber crimes, Rs 17 crores per year
July 29: A new study of 45 U.S. organizations found that cyber crime -- including Web attacks, malicious code, and rogue insiders -- costs each one of them $3.8 million (Rs 17 crores) per year, on average, and results in about one successful attack each week. Types of cyber crime reported include: stealing intellectual property, confiscating online bank accounts, distributing viruses and other malware, posting confidential business information on the Internet, and disrupting a company's infrastructure... Details
Another related study has indicated that the Businesses around the world have understood the importance of securing their valuable information and increased their IT security budget during the economic slowdown period. Moreover, the market for IT security solutions is expected to grow at a CAGR of 12% during 2010-2013. ..Details
DRM Breaking not a Copyright Infringement
July 28: In what must be recognized as a path breaking judgment, a Federal Judge in USA has held that merely braking of the DRM does not constitute violation of DMCA unless it is accompanied by a desire to violate copyright law. Delivering his judgement in the MGE Vs GE Electricals the Judge Garza said " Merely bypassing a technological protection that restricts a user from viewing or using a work is insufficient to trigger DMCA circumvention provision". Since India is also in the process of amending its copyright law on the lines of DMCA, this judgment is relevant to India as well. Related Article
Managing Smart Phone Risks
July 23: Increasing use of Smart Phones by corporate employees has thrown up new challenges to the security managers. This article captures some of the risks which we need to be aware of when defining corporate IS policies. Article in Express Computer
Cyber Appellate Tribunal to hold sitting in Chennai.
July 21: The Cyber Appellate Tribunal (CAT) which is the appellate authority for all adjudications under ITA 2008 is holding hearing of one of its cases in Chennai. The appeal has been filed by ICICI Bank, Tuticorin, against the earlier award of the adjudicator of Tamil Nadu regarding the complaint of Mr S.Umashankar. Mr Umashankar, an NRI customer of ICICI Bank was a victim of a fraudulent withdrawal of Rs 6.46 lakhs from his account which was transferred to the Mumbai branch of ICICI Bank. A substantial part of the money was withdrawn through an account of one Mr Mohammed Zulfiquar Hashim Khan in cash and a part of the amount was appropriated by ICICI Bank itself towards an overdraft due from Mohd Zulfeuar Hashim Khan. Once the complaint was filed, ICICI Bank was not able to trace the customer. In view of all the circumstances of the case including the failure of ICICI Bank to use digital signatures for communication, the adjudicator had taken a decision against the Bank and also awarded damages and interest over and above the loss.
The holding of the hearing in Chennai is significant since this is the first time that the CAT is sitting in any of the South Indian locations. This would be welcome by all Netizens in South India as the prospect of pursuing the appeal in the far away Delhi was dissuading many Phishing victims from approaching even the adjudicator in the first place.
New Symbol for INR
July 18: Recently the Government of India introduced a new symbol for the Indian Currency. Just as the USD has a symbol $, now INR has a new symbol An Indian company has also developed a font called Rupee Foradian which can be downloaded from http://blog.foradian.com/. (Quick Link) It can be used in word application and has the rupee symbol to the [`] key which is normally the key above the tab button in the left top of the key board. . It is good that Indian entrepreneurs are quickly getting into act for indigenization efforts as the development of "Epic" browser indicates. I would like to see a new OS also to be developed in India so that India lives upto its reputation as a software leader. This entire paragraph is rendered in Rupee Foradian as against Times New Roman used earlier. I want users to report to me if there are any issues on viewability.
New Browser from India
July 17: A new browser application called "Epic" has been released by a Bangalore based firm and is the first indigenous browser from India. It has a built in anti virus. Anti Phishing warnings and malicious code warnings are also built in. It is said to be the first browser which kills flash cookies. The browser is freely downloadable from www.epicbrowser.com and includes some special features for local language users. Naavi.org congratulates Hidden Reflex, the company behind this relese.
OpenSource Office Applications
July 17: In an environment of increasing costs, many organizations are looking for alternatives to the MS office applications. This article explores some alternatives which may be of interest to some of the visitors of Naavi.org. I welcome views of readers if any on these applications. Article in cio.com.au.
Some links to explore:
Support for Win XP- SP2 Ended
July13: The support from Microsoft for Win XP, SP2 has ended today. The choice for current users of XP is to move to Windows 7. If not at least users should move to SP3 and wait.
More Controversy on Censorship of Internet in India
July 13: In an unintended fall out of what was a genuine concern expressed by the undersigned that CERT IN 's reputation should not be diluted, a notice seems to have been issued to a major Blog News network for blocking an article because the comment made there under by one visitor was defamatory to the Indian Judicial system. The logic is of course defendable but one can debate if the matter was serious enough for the confrontation to be taken to such a level where India's reputation for "Freedom of Expression" will now be compared in the International circles with China or Burma. This will test the level of tolerance in our system for criticism and also test the way we treat Internet Journalism vis-à-vis the Print and TV Journalism where different criticisms do surface from time to time against all persons and authorities some times from other people in high places itself. Refer BNN Editor's Note
ITA 2008 Audit Emphasized
July 13: The concept of ITA 2008 audit pioneered by Naavi seems to have caught the attention of more industry practitioners. This is good for the requirement of the Indian IS industry since some proactive steps can now be expected from the industry. Article in techtarget.in
HIPAA Rules Modified
Substantial changes have been proposed by HHS for the Privacy and Security Rules applicable under HIPAA-HITECH Act provisions. The proposed rules have been released for public comments on July 8th and will be the new guidelines for HIPAA Compliance once the rules are finalized.
The proposal will force changes to the number of BPOs who work in India with PHI. An interesting period is ahead of the industry in achieving the required transformation. It is also clear that the increased security compliance requirements will reflect in increased costs and hence there would be a revision of PHI-BPO prices across the table. In this context we need to appreciate the vision of the US regulators who incorporated subsidy of US $17.2 billion at the medical practitioner's level which is likely to percolate to downstream industries and cover part or whole of the increased costs.
There are number of lessons in the HIPAA regulatory process which Indian regulators may also learn and use in the implementation of compliance of ITA 2008... More
Fake ID Risk
July07: The unearthing of a scam in Nagpur where fake Voter ID cards were being made available overnight at Rs 400/- highlights the challenges that UID would face in issuing an ID for any "Resident". Soon all Residents including illegal immigrants as well as transit terrorists can get not only a Voters ID but also a Bank account, SIM Card, UID within 24 to 48 hours. Perhaps with all these documents one can also obtain fake Passports and put the Country under grave security risks. It is for this reason that Naavi has been advocating that UID should be issued only to genuine citizens of the Country after a suitable system of verification. Report in TOI
Arrested For Using Spy Software on Mobile
July 3: 50 persons including a judge, government official, a former MP, businessmen, doctors, engineers etc have been arrested in Romania for using an off the shelf spy software on their mobile. Romanian Directorate for Investigating Organized Crime and Terrorism also arrested Dan Nicolae Oproiu, a 30-year-old IT specialist who allegedly sold the spyware for as much as $580 over the internet. Officials claim his software (FlexiSpy) was available for handsets running the iPhone, Blackberry, Symbian, and Windows Mobile operating systems, and came in Light, Pro, and Pro-X versions that offered varying levels of services. This is an indication of the risks involved in using software available on the net without checking the legality of their usage other than from the point of view of "piracy". Related Article
PR Syndicate honours 'Cyber Law Guru of India', Na.Vijayashankar
PR Syndicate, (an organization of Corporate PR Professionals in Chennai,) celebrated its First Anniversary on 20th January 2007 at Russian Cultural Centre. On the occasion, "Award of Excellence in Public Life" was presented to 'Cyber Law Guru of India' Na.Vijayashankar...More
Naavi's latest book "Cyber Laws Demystified" was soft launched at the Nimhans Convention Center during the Indian Police Congress. The book is a comprehensive coverage on Cyber Laws both ITA-2000 as well as IPR and other issues.
Structured into 24 chapters it also covers the proposed amendments to ITA-2000 in detail as an appendix. A copy of the Information Technology Act 2000 is also appended to the book.
The book also has several individual chapters on the legal issues of Cyber Banking, Cyber Advertising, Cyber Taxation and Cyber Terrorism.
The book is priced at Rs 750/-.
For Enquiries and Bulk orders click here. :
What is Naavi.org?
Naavi.org is India's premier portal on Cyber Law. It is not only an information portal containing information on several aspects concerning Information Technology Law in India but also represents the focal point of several services around Cyber Law carried on by Naavi.
The first such service is the Cyber Law College a virtual Cyber Law education center in India which provides various courses on Cyber Law.
The second key service is the Cyber Evidence Archival center which provides a key service to help administration of justice in Cyber Crime cases.
The third key service is the domain name look-alikes dispute resolution service which provides a unique solution for websites with similar looking domain names to co exist.
The fourth key service is the online mediation and arbitration service another unique global service.
The fifth key service is the CyLawCom service which represents the Cyber Law Compliance related education, audit and implementation assistance service.
Additionally, Naavi.org is in the process of development of four sub organizations namely the Digital Society Foundation, Naavi.net, International Cyber Law Research Center and Cyber Crime Complaints and Resolution Assistance Center. Digital Society Foundation is a Trust formed with the objective of representing the voice of Netizens in various fora and work like an NGO to protect their interests. Naavi.net is meant to develop a collaborative distributed network of LPO consultants. International Cyber Law Research Center would support research in Cyber Laws and Cyber Crime Complaints and Resolution Assistance Center would try to provide some support to victims of Cyber Crimes.
Together, Naavi.org represents a "Cyber Law Vision" that goes beyond being a mere portal. Started in 1997, when the concept of Cyber Law was new across the globe, consistent efforts over the last decade has brought Naavi.org to the beginning of "Phase 2" in which the services are ready to reach out to a larger section. This is recognized as the phase of collaborations and growth by association. Naavi.org will therefore be entering into a series of associations to develop each dimension of its vision with an appropriate partner. Individuals, Organizations and Commercial houses which have synergistic relationship with the activities of Naavi.org are welcome to join hands in commercial and non commercial projects of Naavi.org.
Add Your Comments Here
If you would like to know more about Naavi, the information is available here.
For Any Payments to be made to Naavi online : Naavi_s Payment Center