Reull
Let's Build a Responsible Cyber Society
14th Year in service of Netizens


 
Contact Address
E-Mail
About Us

Consultancy

Affiliation
Advertising

 
Naavi's Payment
Center
Chat Room
USD-INR Rate


 

Keep A Watch On The Virus World

Badware watch

Scan Your Computer For Free..Thanks to Panda Software.

Cyber Law Forum
Privacy Policy, Editorial Policy & Disclaimer

Trademarks

Business Enquiries

RSS Subscription

[Valid RSS]

 


"This website is the Wikipedia of Indian Cyber Laws".. A Visitor's remark


"Watch This Site as a Daily Habit. It may save careers".. A Banker's remark as an advise to fellow Bankers


Sec 43A clarification.. What has changed?

Aug 30: There have been a more than required attention on the recent clarifications issued by the Ministry of Communications and Information Technology (MCIT) on the earlier April 11 guidelines regarding Sec 43A....More

Fake Employment Fraudster Arrested

Aug30: In a commendable investigative effort, it is reported that CBI has arrested a fraudster who was stealing personal information from Cyber cafes and using it to launch a targeted employment fraud attack on individuals. The files were picked up from recycle bins where the CVs were dumped by the users. This incident also highlights the need for better security in Cyber Cafes. Some time back Naavi had suggested a cyber cafe management software which prevented such frauds. Authorities however did not show interest in considering the free software as a part of the compliance measure. Related Report

Nagpur Cyber Security Summit 2011

Aug29: BSNL Nagpur in association with Cyber Awareness Groups in Nagpur conducted a three day Cyber Security Event on 25th/26th and 17th August to build an awareness in the community about Cyber Security Risks. Speakers from all over India participated in the event held at the RTTC, BSNL auditorium. Several awareness lectures were also conducted on the occasion at two Engineering Colleges in the city. Naavi also participated in the event both at the main conference and the workshops at the Engineering colleges. The event was highly successful and several hindered delegates participated in the event on each of the three days along with law enforcements agencies. Naavi spoke on the Threats to National and International peace through Cyber Terrorism as well as the need for Engineering students to study Cyber Law.

Changes in Sec 43A Rules Exempt Foreign Companies

Aug25: In a clarification issued by MCIT it is stated that the April 11 rules on Sec 43A is not applicable to foreign companies. It has been clarified that if service is being rendered under a "Contractual obligation", the provisions of the contract will prevail. This was evident with the reading of Sec 43A where the rules were only the third option under sec 43A:  More  Related Report  Press Release :

Dr Gulshan Rai at CAT

Aug 24: It is reported that  Dr. Gulshan Rai, DG (CERT-IN) has been declared as Head of Department for the office of Cyber Appellate Tribunal (CAT). This appears to be an additional charge for Dr Rai. He may also be an additional member of CAT in a multi member CAT providing the technical inputs. The Chairman's position in CAT still remains vacant and the person has to be chosen from the Judicial community.

Bank liable for Phishing.. US Court

Aug23: In yet another court decision against a Bank, a Michigan Court ordered a Bank liable for approximately US $560,000/-. It is interesting to note that the Court stated that the Bank "Failed to present evidence" that the Bank had acted fairly with the customer... Report : Detailed Report : Judgement

Discussion on IT rules in Chennai

Aug21: Here is a discussion on the IT rules  worth listening to.  The discussion is about rules under Sec 79 whether they are reasonable. In particular the responsibilities hoisted in the intermediaries for removal of objectionable content on receipt of complaint is also discussed by the participants.

Is DIT  misleading the Public?

Aug 20: The GOI released the notification of rule under Section 43A on April 11, 2011. Naavi has presented his views on the same in the article here.  In response to an RTI query, the department clarified that ISO 27001 is not mandatory as is presumed. Naavi had still requested for the appropriate amendment to the notification for which no reply has been received. However, the website http://www.itgovernanceasia.com/t-iso27001.aspx?utm_source=DSCI&utm_campaign=iso27001  takes full advantage of the notification and promotes ISO 27001 as a solution to Sec 43A compliance. Naavi has now asked for clarifications from both DIT and the ITGOV-Asia...More

Employee Owned Laptops and ITA 2008 compliance

Aug 18: Many security specialists have been recommending a system of "Employee Owned Laptops" as a recommended corporate practice. This "Bring Your Own Computer" plan is expected to reduce the cost of administration and better focus on security for essential IT assets.

Additionally this introduces an interesting prospect for ITA 2008 compliance where the Company assumes the role of only a network service provider and shifts the hardware asset to the user.

Data itself remains the property of the company and can be hosted in secure platform with the employee's computer being provided a remote access facility. Data ownership also can be shifted to the employee under a BPO model in certain cases.

Such a system need to however be supplemented with good access management system where the employee's asset when connected to the network needs to go through a good  access validation system to ensure that it is free of malicious codes. Considering the overall benefits the system has a lot of potential as a means of ITA 2008 compliance. 

Can we have an Online Referendum in India?

Aug16: India is one of the few countries in the world where there is a judicially accepted method of authentication of an electronic document with the use of "Digital Signatures". Time has now come for putting this to test in a practical situation. There is now a serious debate on  "Democracy". One view supported by the Government is that "Democracy means electing representatives in an election held from time to time and letting them function until the next elections without any questioning of their "Right to Govern". Another school of thought is that "Democracy is not limited to election from time to time  but also to monitor and get Governed on a continuous basis based on the wishes of the people". Presently there is a practical difficulty in building a mechanism that provides for continuous monitoring of the wishes of the people of the country and hence we need to settle for an intermediary measure of "Referendums" from time to time instead of elections every now and then.

It is now possible for the digital world to show case a pilot project of a referendum. I request all the Certifying Authorities of India come together and organize a referendum amongst those who possess digital certificates and collect the essence of the public opinion on some of the key points of contention surrounding the Anti Corruption movement through voting on the basis of one vote per digital certificate. It can be also extended with a slightly lesser evidentiary value by Mobile Service providers through an SMS campaign where each mobile owner will exercise one vote.

On the basis of the experience of these digital referendums conducted by private agencies, the Government can organize another nationwide referendum based on the electronic voting system. Probably this should be the next logical move which should be acceptable for both the Government as well as the Anna Hazare group.

"Do I authorize the Anna Hazare team’s draft of the Lokpal Bill as against the draft recommended by the ManMohan Singh Cabinet?” .. Yes or No

Multiple Mobile Connections on stolen ID

Aug16: Issue of SIM cards on stolen IDs is a serious security risk for genuine citizens of India since the stolen IDs will invariaably be used for criminal purposes. It is reported that recently several such connections were detected in Vodafone, Maharashtra. After the recent guidelines on Sec 43A, the incident not only represents violation of KYC norms as a guideline of DOT but also a contravention of Sec 43A and Sec 72A of ITA 2008. The genuine customer who is affected by this ID theft can claim civil damages and also file an FIR for prosecution of the mobile company under Sec 72A of ITA 2008.

It is also important to think of solutions to prevent such misuses. One of the requirements of Sec 43A is that any person who has provided his personal information to another person/organization under a lawful contract can demand accuracy of stored data and enforce that the e information is not used for any purpose other than what it was provided for.

Every mobile company should therefore be able to provide a reverse search for a customer where he can check if his name or address or any part of his ID (PAN card no etc) is not also the part of another account with the same service provider or another service provider. A suitable mechanism for providing such information through the grievance officer of the company is therefore a requirement that every mobile company needs to provide as a part of Sec 43A and Sec 79 requirements of ITA 2008.

Similarly Banks which have wrong registrations of mobile numbers of customers and keep sending SMS alerts of one customer to another also need to provide a mechanism for their customers to check if their mobile numbers are associated with any account other than that of the customer.  Report in Pune Mirror

Bank of India Vs ATM Customers

Aug 13: If you are a Bank of India customer in India and have an ATM card, it is time to consider returning the ATM card to the Bank immediately since the Bank is exhibiting a noticeably dangerous anti customer stance related to Fraudulent ATM transactions... More
 

Axis Bank Responds to a Cyber Crime Victim..

Aug 11: Axis Bank has been in the eye of a storm for some time now for various kinds of frauds. Recently a customer in New Delhi-Gurugaon had found that fraudsters had drawn money from his account through ATMs in Greece. When the customer complained Bank initially resisted the complaint but after the matter was taken to the Banking Ombudsman agreed to refund amount of Rs. 664857.14 as per the advisory of Banking Ombudsman.

Now in yet another ATM fraud case in Mumbai, it is reported that the Bank restored a balance of Rs 2 lakhs wrongly withdrawn from the account of a TV actress Rashmi Gosh. The Bank officials have confirmed that there are many such ATM frauds reported to them and they are pursuing the police complaint. Related Report

Recently a customer in Bangalore found that Rs 39 lakhs were fraudulently transferred from their Axis Bank account through unauthorized access in which the customer had not responded to any phishing mail. The Bank however has refused to refund the amount on the first request and the next reaction of the Bank is awaited... More

Damodaran Committee Report comes as a great relief to Phishing victims

Aug09: The Damodaran Committee report on Customer Service in Banks advocates that there should be zero liability for the customers of the Bank due to frauds in electronic banking environment. This should once for all settle the disputes about all Phishing and ATM fraud cases that are presently with various Ombudsmen, Adjudicating offices and Consumer Forums... Related Article

RBI Should take a Cue from OCR

Aug08: Office of Civil Rights (OCR), USA has the implementation responsibility for HIPAA-HITECH act data breach regulations. One such regulation is the mandatory "Data Breach Notice" to be filed by a company which ultimately will be reported in the website of OCR. It is stated that by June 2011, 288 data breach incidents have been posted in this page often referred to as the "Wall of Shame". As could be expected, the organizations are not happy with this provision and would like the data breaches to remain out of public notice. Department of Health and Human Resources (HHS) however is firm on the principle that the organizations should rather be transparent on the efforts taken to correct the mistakes to retain public confidence rather than keeping the public dark. This principle needs to be adopted in India also by RBI and make the Phishing incidents occurring in the Indian Banking scenario public. While the reality is that Internet banking is inherently unsafe and huge amounts are being lost by clients every day due to Phishing and ATM frauds, Banks continue to state in their websites that "Internet Bank is inherently safe" and try to mislead the public. RBI needs to distance itself from this mis information campaign and start publishing the details of Phishing losses perhaps without the name of the Bank to start with.

A Sad Story of a Framed Journalist in Dubai

Aug 08: The enigma of  Cyber Crimes often come handy to authorities when they want to frame somebody. This incident in Dubai where a journalist narrates his experiences makes an interesting reading. End of it we wonder when do we see similar things in India as a part of censorship. We already know of cases being launched for remarks made against Mrs Sonia Gandhi. Now I am informed that a cyber crime case has been launched in Mumbai against a journalist for having written against the Union Home Minister Mr P Chidambaram. I am awaiting further details on this incident. Report

An Open Letter to the President of India

Aug 07: In her address at the Diamond Jubilee celebration of the Bangalore Bar Council, Mrs Pratibha Patil, honourable President of India spoke about the need for the legal community to upgrade their skills in Cyber Law and also highlighted the need for affordable justice for victims of Cyber Crimes. The irony of the matter was that the Central Government has recently closed down the Cyber Judiciary system in India because of their inability to find a replacement for Justice Rajesh Tandon who retired on June 30, 2011 as Chairman of Cyber Appellate Tribunal. Naavi who has been trying to make  DIT realize the importance of the appointment and has been in correspondence with all relevant persons including the Minister of Communications and Information Technology. Naavi had also sent a letter to the President  in June. In the light of the latest statement of Mrs Pratibha Patil, Naavi has sent one more letter through the Internet. Letter of June 21

Cloned sites in Indian Court's Names

Aug07: It is reported that 19 sites in the names similar to sites of Courts in India are being used by Chinese sources to spread malicious viruses. The dot in registrars should consider verification of such sites during the registration as a part of their due diligence under Sec 79 of ITA 2008. Report in ET

100 Phishing Cases in Bangalore in 2009!!!

Aug07: It was recently reported in the Parliament that the Phishing cases reported in 2009 was around Rs 5.09 crores. However this report in Express News says that Bangalore Cyber Crime division itself had registered over 100 cases of Phishing in 2009. It iw well known that Banks always hide frauds and to the extent they bully the customer to take the loss such frauds donot get reported even to RBI. Hence there is a huge understatement of phishing frauds in Banks. If CBI conducts an investigation of all Banks then it would be possible to get more information about the real losses that are occurring in the Indian Banking system. Bangalore Police have now arrested a few persons in Mumbai. Earlier Chennai police have also arrested a few persons from Mumbai in respect of some Phishing cases reported to them. Mumbai has actually becoming the Digital Banking Fraud center in India. If RBI does not give a proper attention to this area, we are going to see chaos in the Indian Banking industry.

Sachin Pilot Clarifies on ITA 2008 rules

Aug 07: Tehelka.com has reported that Mr Sachin Pilot has clarified that the GOI has no intention of censoring the web through the rules released on April 11. While we appreciate the clarification, it needs to be demonstrated by suitable action on the ground by modifying the rules.  ... More

UID issued with Wife's Photo

Aug 06: It is common in voters ID to have cards with misspelt names, gender, address etc. Unfortunately this sort of error is creeping into UIDAI also. It is reported that a senior Citizen in Maharashtra has got an UID card with hi wife's photo on it. Though the authorities have expressed regret and may issue a new card, it is essential that a substantial damage should be collected from the company which made the error and it should be passed on to the customer. When I say "Substantial" I mean of the order of 25000/-. This would be a deterrant to the company and compensate for the difficulties the customer has to undergo to get the card corrected. This issue has come out into the open since it is early days and media has taken note of it.In future when hundreds of such errors may come up the citizen may not be able to draw the attention of the media and has to handle it himself. It is also necessary for UIDAI to consider online receipt of provisional applications as in the case of Passport applications where the details are entered by the applicant himself. This will avoid certain types of errors regarding the spelling etc. Related Article in Pune Mirror

Public Comment invited on Banking Service Working Group Report

Aug 5: RBI has placed the D Damodaran Committee report on Customer Service on its website and invited comments from public before August 27. Public may kindly go through the report and respond. Press Release : Report

Online Banking Frauds in Banks in 2009..Rs 5.09 crores

Aug 5: Parliamentary Standing Committee of MCIT has reported that in 2009, online Banking frauds worth Rs 5.90 crores were registered. The panel has also reported that under Sections 43 and 43A of ITA 2000 compensation is being provided to victims. Related Report :

It is well known that most Banks donot report Phishing frauds and many customers donot pursue complaints. Hence this report appears to be  a gross underestimation. One of the news papers had earlier reported the frauds to be of the order of Rs 1200 crores in three years. According to CERT-In, 374 phishing incidents were reported in 2009. If the GOI publishes Bankwise individual details of the frauds one can check if all reported incidents are accounted for in the MCIT report.

GOI to undertake Security Audit of Government Websites

Aug 5: According to an answer provided in the Parliament by the Minister of State, MCIT, Mr Sachin Pilot,  Government of India is making it mandatory for Government Websites to be audited from security perspective before being hosted... Related Article

Sec43A Compliance Framework from Naavi

Aug3: Keeping in view the specific requirements of compliance under Section 43A, Naavi has developed a recommended framework for compliance under Sec 43A.. More

ITA 2008 Rules to be presented in the Parliament

August 2: The rules notified under ITA 2008 on April 11, 2011 have evoked many comments and criticisms from Netizens, Companies, Media and others. ..The notifications will now be placed in the Parliament during the current session and amidst the Lokpal and 2G scam discussions it is possible that the rules may go through without debate...More


 

 

PR Syndicate honours 'Cyber Law Guru of India', Na.Vijayashankar

PR Syndicate, (an organization of Corporate PR Professionals in Chennai,)  celebrated its First Anniversary on 20th January 2007 at Russian Cultural Centre. On the occasion, "Award of Excellence in Public Life"  was presented to 'Cyber Law Guru of India' Na.Vijayashankar...More

 

  What is Naavi.org?

Naavi.org is India's premier portal on Cyber Law. It is not only an information portal containing information on several aspects concerning Information Technology Law in India but also represents the focal point of several services around Cyber Law carried on by Naavi.

The first such service is the Cyber Law College a virtual Cyber Law education center in India which provides various courses on Cyber Law.

The second key service is the Cyber Evidence Archival center which provides a key service to help administration of   justice in Cyber Crime cases.

The third key service is the domain name look-alikes dispute resolution service which provides a unique solution for websites with similar looking domain names to co exist.

The fourth key service is the online mediation and arbitration service another unique global service.

The fifth key service is the CyLawCom service which represents the Cyber Law Compliance related education, audit and implementation assistance service.

Additionally, Naavi.org is in the process of development of four sub organizations namely the Digital Society Foundation, Naavi.net, International Cyber Law Research Center and Cyber Crime Complaints and Resolution Assistance Center. Digital Society Foundation is a Trust formed with the objective of representing the voice of Netizens in various fora and work like an NGO to protect their interests. Naavi.net is meant to develop a collaborative distributed network of LPO consultants. International Cyber Law Research Center would support research in Cyber Laws and Cyber Crime Complaints and Resolution Assistance Center would try to provide some support to victims of Cyber Crimes.

Together, Naavi.org represents a "Cyber Law Vision" that goes beyond being a mere portal. Started in 1997, when the concept of Cyber Law was new across the globe, consistent efforts over the last decade has brought Naavi.org to the beginning of "Phase 2" in which the services are ready to reach out to a larger section. This is recognized as the phase of collaborations and growth by association. Naavi.org will therefore be entering into a series of associations to develop each dimension of its vision with an appropriate partner. Individuals, Organizations and Commercial houses which have synergistic relationship with the activities of Naavi.org are welcome to join hands in commercial and non commercial projects of Naavi.org.

Naavi



If you would like to know  more about Naavi, the information is available here.

For Any Payments to be made to Naavi online :  Naavi_s Payment Center

[Valid RSS]

RSS Subscription

BLOG POSTS


E-MAIL 


***

 


E-MAIL

Search Naavi.org

Deep Links

ITA 2008

ITA-2000
ITA 2000- Rules
Amendments
Articles

Archived News

Services

Arbitration

Cyber Evidence Archival Center

Cyber-Notice

Verify4loolalikes

Legal BPO

 

Education

Cyber Law College

CyLawCom

 

Reference Sites

Global Cyber Law Resouces

Legal Information

Cyberlaw Stanford

Cyberlaw.org.uk

Law & Tech Blog

 

Cyberlawcases.com

Cyber Frauds

Cyber Crime Cases

Cyber Crime cases2

CDAC-info

Bank Frauds Forum

 

Consumer Forum

Consumer Forum-2

RTI-CIC

DSCI

 

Safe surfing

onguardonline

bangalorecss

esafeindia

alertindian

 

CAT Website

List of AOs

Bangalorecss
WSIS
 

Misc Naavi Initiatives

Naavi Cricket Rating

Cyber Democracy

 
 

 

 

Personal Links

Daily News

General
IT
Cricket
 
Daily Horoscope

.

Visit
www.Naavi.net

Visit
www.lookalikes.in