"This website is the Wikipedia of Indian Cyber Laws".. A Visitor's remark
REQUEST ON LINE MEETING
Comments on G Gopalakrishna Working Group Report
Comments on Cyber Fraud Issues Comments on Consumer Education Comments on Digital Signatures, 2F authentication, Sec 65B etc Comments on Offences, CA business and Online nomination Comments on Encryption and Data Protection Comments on "Intermediary Status" Comments on "Cheques in Electronic Form" Comments on Legal issues in G Gopalakrishna Working group recommendations Are Vested Interests at Work to manipulate RBI ? Phishing Risks under G Gopalakrishna Working Group Report Role of Adjudicators in Phishing Cases Reiterated Summary of Report: Full Report :
Naavi.org Gives its Complete Support to the Anti-Corruption movement initiated by Mr Anna Hazare
Comments at iltb.net on ITA 2008 draft rules
Feb 28: The draft notification on Sections 43A, 79 and specifically the notifications on Cyber Cafes has attracted comments from many experts. I am glad to note that Mr Apar Gupta who maintains a very useful website has recorded his comments on the three draft notifications under ITA 2008 released recently. His comments can be found here: Comments on Sec 43 A: Comments on Sec 79: Comments on Cyber Cafe regulations.
Center for Internet Society Comments on Draft Rules
Feb 28: Center of Internet Society, has recorded its comments on the draft rules released under Section 79. It has made substantial points on how some of the suggestions are ultra vires the Act and against the interest of the Internet society. A copy of the comments is available here.
Brokers Liable for Online Trading Glitches
Feb 28: In a significant decision, the Delhi High Court has held the Brokers liable for the losses suffered by investors due to technical glitches. This upholds the principle that service providers are responsible for losses arising out of technology issues. ET News : copy of ruling
Comments on Cyber Cafe Regulations at medianama.com
Feb26: Here is an article explaining the impact of Cyber Cafe regulations proposed by the Government of India. Article. We endorse the views mentioned in the article that the draft guidelines are impractical. Also the guideline expects all browsing data to be stored and made available to the Police. The security requirements are defined at ISO 27001 level which the cyber cafe owners are unlikely even to make efforts to understand. It is unlikely that the Cyber cafes will even try implementing the guideline. It would be better if the Government reviews the guidelines
Comments on Due Diligence at medianama.com.
Feb 26: Here is an article explaining the impact of the proposed notification under Section 79. Article. We endorse the views mentioned in the article.
Cyber Security and Internet Law
Feb 24: Lal Bahadur Shastri Institute of Management and Development (LBSIMD), Lucknow organized a one day National Seminar on Cyber Security and Internet Law in association with PNBIT, at Lucknow on 24th February 2011. Addressing a gathering of Students and Faculty of Engineering and Management colleges, Cyber Crime Police officials, Bankers and other industry participants, Naavi discussed how the laws in India have addressed the issue of Cyber Security from the perspective of the Netizen, the Law Enforcement and the industry. A copy of the presentation made by Naavi is available here.
Person arrested in Udipi for Cyber Crime
Feb 24: Police from Vijayawada arrested a person from Udupi regarding a case of fraud committed through the website. The fraud involved collection of money through ICICI Bank R.T.Nagar Branch, Bangalore on the promise of supply of girls. The gang which committed this crime was also found to be involved in drug trafficking. Newsreport
Is India selling itself out to ISO 27001?
Feb 23: appears that India is on the verge of introducing an "ISO Tax" on Indian corporate entities. Recently, the Ministry of Communications and Information Technology (MCIT) released the draft notification proposed to be released in respect of Section 43A of ITA 2008. Knowingly or unknowingly the draft guideline is appearing to perennial drain of funds from India to a foreign organization. ...More
Draft Bill for Electronic Delivery of Servies..Public Comment invited by 10th March 2011
Feb 22: MCIT has released a draft bill on Electronic delivery of services expected to be introduced in the next session of the Parliament. Public can send their comments to firstname.lastname@example.org before March 10, 2011. Draft of the Bill is available here.
The penal provisions of the Bill overlap with ITA 2008. The Bill will provide "Right of Electronic Delivery of service" to citizens which overrides Section 9 of ITA 2008.There is a provision for an Electronic Delivery Services Commissioner to be appointed as a regulator and his permission would be required before any penal action can be launched under the Act.
It is not clear what this Bill may achieve beyond what ITA 2008 itself has provided for and which was open for appropriate rules except perhaps amendment of Section 9. It appears that it would have been better if the objectives of this bill had been achieved by just modifying Section 9 and introducing certain rules under Section 7A of ITA 2008.
There are a few grey areas created because of this Bill (When it becomes an Act) which needs to be sorted out. More comments from Naavi.org may follow.
Draft Guidelines for Cyber Cafes
Feb 20: After ITA 2008 was notified on October 27, 2009, there was an expectation of new Cyber Cafe regulations being notified as part of the ITA 2008 notifications. After more than 15 months of deliberations, a draft regulation has been released by MCIT with a request for public comments to be sent to email@example.com before 28th February 2011....More
Draft Guidelines under Sec 43A
Feb 20: After ITA 2008 was notified on October 27, 2009, and more than 15 months of deliberations, a draft regulation has been released by MCIT on Sensitive Personal Information under Section 43A with a request for public comments to be sent to firstname.lastname@example.org before 28th February 2011.... More
Draft Guidelines for Due Diligence for Intermediaries
Feb 20: After ITA 2008 was notified on October 27, 2009, and more than 15 months of deliberations, a draft regulation has been released by MCIT on the responsibilities of "Intermediaries" such as portal owners under Section 79 with a request for public comments to be sent to email@example.com before 28th February 2011... More
Maruti Job Fraud Scamsters arrested
Feb16: Two persons including a Nigerian National are reported to have been arrested in respect of the Maruto Suzuki job fraud case by the Gurugaon police. TOI Report
Symantec Warns of World Cup related Spam
Feb16: Symantec has warned that spam attacks designed to lure Cricket lovers with offers of tickets may surface during the world cup. Related Article
Beware of Banking with HDFC Bank
Feb 15: HDFC bank seems to be set to redefine Banking. The most common purpose for which people hold Bank accounts is for operating a Savings Bank account where one can keep savings and use it as and when necessary by withdrawing the amount through cheques. However, HDFC Bank thinks that it can change the banking practice on its own and ensure that no account holder issues cheques payable in cash except when the account holder himself goes to the Bank to withdraw his funds through a self cheque. In a strange practice, HDFC charges Rs 100/- plus service tax if you issue an uncrossed cheque and the payee draws cash at the counters of the Bank....More
Nigerian Mail in the name of Ramalinga Raju's wife
Feb15: In an interesting innovation, a Nigerian mail has come into circulation in the name of Mrs Radha Ramalinga Raju. Copy of the mail
Adjudicator of Gujarat awards compensation for Credit Card Misuse
Feb 14: The Adjudicator of Gujarat acting on a complaint from a victim of a Credit Card fraud has awarded a compensation of Rs 85,000/- to the victim. The complainant Pooja Chandrakant Darooka alleged that Mr Nainesh Dharmeshbhai Modi and Mr Darshan Ganeshbhai Rajput had tricked him into revealing credit card details under some false pretexts and caused a wrongful loss of Rs 60506/-. Copy of the Judgement
More Draft Notifications under ITA 2008 released
Feb 14: MCIT has released draft notifications under Sections 43A for "Reasonable Security Practices", "Due diligence Responsibilities of Intermediaries under section 79" and suggested "Cyber Cafe Guidelines". Comments can be sent till 28.02.2011 by email to: firstname.lastname@example.org.
Chanda Kochhar Allows her e_mail to be hacked?
There is a strange way ICICI Bank does business. ..Recently, the undersigned wanted to send a mediation request to Ms Chanda Kochhar to avoid a complaint getting lodged against her which could create civil and criminal liabilities on her. But despite explaining the seriousness to Mr Raghavender through a series of mails, he continues to answer all mails sent to email@example.com. Hope if there is any need for Ms Chanda Kochhar to pay damages or go to Jail, Mr Raghavender would substitute!.... More
Feb 7: The 10th International Online Dispute Resolution Conference was launched in Chennai, Hotel Trident. The conference will continue for three days upto 9th February and is attended by delegates from several countries along with advocates, professors and students from India. Details of the conference are available at http://www.odr2011.org/. A copy of the presentation made by naavi in the seminar is available here: ODR-India as a Global Hub
ICICI Bank fined for filing false case
Feb 6: ICICI Bank was fined Rs 2 lakhs for filing a false case for recovery of vehicle loan and seizure of vehicle when the bank had already seized the vehicle earlier. Court had passed an order for seizure with the condition that the vehicle cannot be sold. However the Bank sold off the vehicle without informing the Court before the next date of hearing when they had been asked to file a report. Related report
G Gopalakrishna Working Group-Comments
Feb 4: This note provides point by point comment from Naavi on the Chapter on Legal Issues in the GGWG recommendations. This may be treated as an initial draft for the guidance of others who want to study the report and understand the implications. The recommendations consist of 18 points and there is a clear indication that RBI is being pressurized by some of the members of the Group to recommend some anti customer suggestions. A similar attempt was made in the S R Mittal Group also but the Group over ruled such members. I hope that even now the core of RBI officials who understand their role in protecting the interests of bank customers would not be swayed by the attempt of a few to derail the recommendations. However in order to meet any eventualities it is necessary for the public to raise their voice against any attempt to make Banks immune to assuming liabilities which are already there in law and which have been upheld by some recent judicial verdicts.... More
Phishing Victims.. Sample Letter
Feb3: In continuation of the previous article, here is a sample letter which I recommend Phishing victims to send to RBI as a comment on the G Gopalakrishna Working Group. This may be downloaded signed and sent to the address mentioned there in or e-mailed as indicated. You can use your letterhead and add any other comments you may like to add. Sample Letter: RBI Press Release
RBI Seeks Comments from Public on G Gopalakrishna Working Group (GGWG) report
Feb 2: Naavi.org has already carried a few articles on the GGWG report. Now RBI has sought public comments before February 14 from stake holders. Stake holders include Bank customers and particularly those who have suffered on account of Phishing. I request all Phishing victims to immediately send their comments. Naavi.org would provide the necessary guidance if required. The comment can be sent by e-mail also. Please see here for details.
WikiLeaks supporters to launch Cyber War against UK
Feb1: Supporters of Wiki Leaks have reportedly posted an online statement to attack UK websites with DDOS attacks. The hactivists have called this similar to "Peaceful Demonstration" while technically it would amount to a Cyber Crime. It is a development which does not have precedents. We need to watch out how this develops in future. Will the attacks be controlled and be a temporary demonstration of protest or lose control and develop into a long term Cyber Naxalism type of activity. Related Article
UIDAI will be liable for KYC failures
Jan 30: It has been reported that the UID will be used as a proof of identity for telecom purpose. It means that UID will substitute the responsibility of KYC obligations cast on mobile companies. While this is good news for the mobile companies, the dependence of KYC on UID by a DOT directive exposes UID to liabilities arising out of failure of KYC. Mr Nandan has been stating that he is not worried about fraudulent use of UID since it is tied with the biometric identification and one biometric can be linked only with one UID. However, one fraudulent UID can now be used for multiple fraudulent mobile connections which can be used for various kinds of frauds. If for any reason, UID is misused will make UIDAI liable for negligence. In all the Phishing cases we are holding the Banks liable if the KYC on the fraudulent customer fails. Now similar liability falls on UIDAI. The stakes for UIDAI therefore goes up by several notches as Banks and mobile companies swear by the UID for their KYC obligations. Hope Mr Nandan has explore the consequences. Alternatively, if the Government tries to protect UIDAI through legislation, there will be chaos with Phishing and Terrorist crimes being committed with the misuse of UID and no body would be responsible for negligence. Related Article