"This website is the Wikipedia of Indian Cyber Laws".. A Visitor's remark


Comments on G Gopalakrishna Working Group Report

Comments on Cyber Fraud Issues Comments on Consumer Education
Comments on Digital Signatures, 2F authentication, Sec 65B etc  Comments on Offences, CA business and Online nomination
Comments on Encryption and Data Protection Comments on "Intermediary Status"
Comments on "Cheques in Electronic Form" Comments on Legal issues in G Gopalakrishna Working group recommendations
Are Vested Interests at Work to manipulate RBI ? Phishing Risks under G Gopalakrishna Working Group Report
Role of Adjudicators in Phishing Cases Reiterated  Summary of Report: Full Report :
RBI Notification

Naavi.org Gives its Complete Support to the Anti-Corruption movement initiated by Mr Anna Hazare

Minister Calls for Cyber Law Education in Colleges

March 31: Speaking at a function in Pune, Union Law Minister, Sri Veerappa Moily called upon the Law Colleges to introduce courses on Cyber Law to spread the awareness and prepare the country for meeting the threats arising out of increasing Cyber Crimes. Related Article

Customers of Canara Bank..Beware

March 28: A phishing mail is in active circulation targeting customers fo Canara Bank. I hope Canara Bank takes some proactive steps to ensure that the mail does not hurt its customers. Naavi.org has sent an e-mail warning to one of the AGMs of Canara Bank whose e-mail ID was available on their website. Hope they would take suitable action to mitigate the risks in consultation with appropriate specialists.

ICICI Bank trying to gag Naavi.org

March 28: In a continuation of the discussion on the status of freedom of Blog speech in India, it is necessary for the public to be kept informed that ICICI Bank has launched legal action  to get some content from Naavi.org removed since it is unacceptable to the Bank. Since there is no national interest involved in this instance and Naavi is an activist who is trying to assist certain victims of Phishing in the Bank it appears that the move is to apply pressure against Naavi's attempt to help Phishing victims. This matter is being placed for public records through this blog as a matter of abundant caution and in self defense since there is an anticipation of further actions from the Bank which could cross limits of public morality. If and when such undesirable consequences arise, I request support from all those who hold the freedom of speech dear to their hearts.

March28: The powers provided in ITA 2008 under Sections 69,69A and 69B for interception and blocking of websites and calling for information from data handlers has caused concern in the Internet publisher community and more particularly the blog community. Naavi.org has advocated creating of a Netizen's Protection Force to prevent abuse of law under these sections. While blocking of websites for reasons of national security cannot be questioned, what is alarming is the attempt to mis-apply certain provisions of ITA 2008 by private parties to muzzle criticism which is legitimate and based on facts though it may be an inconvenient truth to some persons. The Supreme Court of India is seized of the matter of public interest in disclosure of private conversations on telephones in the Nira Radia case and is expected to throw some light on the limits to which such powers should be used by authorities. Though the issue here is different from the freedom of expression issues that apply to blocking of websites, there is a clear indication that there will be discussions on whether such disclosures are welcome as part of a democratic process particularly after what happened in Egypt. Now CERT-IN which seems to have rechristened itself as ICERT has to exercise discretion before using its powers to block. In the E2labs Vs Zone-H org, it appeared that CERT IN indirectly contributed to the blocking by being a passive party just implementing the interim order of the Court instead of taking a more proactive role in helping the Court come to a suitable decision. In the light of this passive attitude the prospects of misuse of ITA 2008 has raised more concerns after the draft guidelines under Section 79 has been released. It is natural that it has attracted criticism in the global press as this article in WSJ indicates.... Related article in WSJ

dot XXX domain name is a welcome development

March 27: In the last few days, several press reports have been planted in Indian media stating that "Indian Government may oppose the introduction of .xxx domain names". (Refer article "India to oppose .XXX domain for Porn sites" in Economic Times. It is clear that there are vested interests in India including the ISPs who want to proliferate pornography for their commercial gains. Naavi.org strongly recommends creation of dot XXX domain names so that the segregation of sites take place. In fact after the segregation, the regulation becomes far more easier and effective... More

FIR filed for Prank Tweet

March27: Irresponsible tweet by a Mumbai resident that three cables of the Sea Link bridge in Mumbai caused panic amongst the road users. Rightly a criminal complaint has been lodged and the person responsible been questioned. It is understood that the accused is the husband of a well known celebrity and that he has admitted that he posted the tweet as a prank. It is essential that such pranks destabilize whatever reliability is left in the Internet and needs to be punished appropriately. Related Report

Market Intermediaries(Financial) require E Mail Controls

March26: SEBI has mandated that market intermediaries who advise their clients on investment need to ensure that employees donot forward e-mail messages to clients without the mails being approved by the compliance officer of the company. This means that there needs to a control where by employees get approval for outgoing e-mails. This is an indication of a compliance measure which may be indicative of the requirements of other  organizations as well... Related Article

Julian Assange speaks to The Hindu

March22: In an interview with The Hindu, Julian Assange of Wiki Leaks has shared that several countries are waiting to get their hands on him and charge him of offences of various kinds. The Wiki Leaks release of US cables has opened a huge debate on whether revealing of confidentiality of conversations between diplomats is really in the public interest or not. Can Governments claim that the leaks are anti people?. Is preservation of information that is embarrassing for politicians be considered as a violation of privacy? For those who are honest and can own their own statements, the revelations are of no concern. It is perhaps only the guilty who would like their faults to be hidden under the diplomatic hood. It appears that the law of privacy may need to be revisited if the current type of leaks are to be considered as anti democratic... The interview in The Hindu

Mobile Identity Makes Bank Customers Vulnerable

March21: Banks in India are ready to launch into a Mobile Banking Era. RBI seems to support it and none other than the good old SBI is promoting the "Bank in the pocket" concept. But it is clear that RBI and SBI are digging a grave for Indian Bank Customers and exposing the customers to risks which will make them search for alternatives to Banks as a safe avenue of investment. If Mobiles are to be used for critical banking transactions, there is a need for some changes in the the way Banks use mobiles as a 2nd factor authentication of customers and how MSPs reissue mobile numbers no longer in use. The article referred to here indicates how Banks use the same mobile numbers associated with more than one account and are adamant not to change even when pointed out. RBI should explain how they treat mobile banking as secure when the same mobile number is associated with multiple customers. This is not an isolated account. Naavi himself has two mobile numbers used by him which SBI and ICICI Bank have registered for other accounts. A major cleanup of mobile records in banks is overdue and the responsibility is on the RBI to ensure this. Related Article

Article in Hindu BL

Bangalore Cyber Security Summit Concludes

March 18: The two day Bangalore Cyber Security Summit, 2nd Edition concluded  with a valedictory address by Sri S.T.Ramesh, DG and IG of Karnataka. Dr Ramani of IIT-B and Mr Prabhu, Principal Accountant General also participated in the function. One of the show pieces of the event was the video conference in the beginning of the day when Mr Sam Pitroda addressed the participants and invited young engineers to be part of the National Cyber Security network. A set of preliminary recommendations of the Think Tank of the Summit was presented by Naavi as the Chairman of the Think tank.  More detailed information on the summit will be found shortly on the website www.bangalorecss.in. Report in expressbuz

Bangalore Cyber Security Summit Inaugurated

March17:  The Bangalore Cyber Security Summit, 2nd Edition was inaugurated today by the honourable Justice Sri Rajesh Tandon, Presiding Officer, CAT. Mr Tandon also confirmed that if the State Government provides the necessary facilities to the adjudicator, CAT can conduct its sittings in Bangalore and also recommend setting up of the Southern bench of CAT at Bangalore. IT Secretary Mr M N Vidyashankar has promised necessary action in this regard.Report in NDTV.: Report in TOI : Report in BS : Report in IE

New Domain Names planned

March17: ICANN is proposing to introduce super gTLDs such as .name without any specific extensions. Registration of such domain names are expected to cost US $500,000 and meant for use by brand owners. Related Article

Google Feature may block Domain Parking menace

march16: Domain parking is business strategy promoted by domain name registrars to encourage people to register lookalike domain names with the hope of attracting advertising revenue when netizens visit the site through a google search mistaking it for the information site they are seeking. Now, Google is providing an option for public to block certain sites from their search results. Though presently this is an individual choice, the information gets accumulated with Google and over a time if it wants, Google may block certain sites from being displayed against a key word if it feels that a large number of users have blocked the site. Hope Google does introduce such an additional feature of course with necessary checks and balances to prevent misuse. Related Article

Average Cost of Data Breach US $ 7.2 million

March 16: According to the 2010 Annual Study on US Cost of a Data Breach released by Symantec, the average cost of data brach for a US Company is placed at US $ 7.2 million. This is higher than US $6.8 million in 2009 by 7%.. Negligence remains the most common cause of breach incidents (41%), followed by lost or stolen portable or mobile devices (35%), malicious attacks (31%), and system failure (27%). Report

Private Complaints Allowed under HITECH Act

March 16: Unlike the HIPAA provisiosn earlier which did not provide for private action for data breach, HITECH Act allows individuals injured by a HIPAA breach to seek a share of the penalties. It also allows state Attorneys General to enforce HIPAA directly rather than requiring them to seek enforcement only through OCR. In one of the largest civil penalties handed over, a company called Cignet has been imposed a penalty of US $4.3 million.. Almost immediately, OCR also announced a $1 million settlement against Massachusetts General Hospital in Boston for an incident involving the loss of 192 patient records belonging to Mass General's Infectious Disease Associates outpatient practice,

FTC approves Settlement with Twitter in Security Breach

March16: Twitter has entered into a settlement agreement with FTC agreeing to establish a rigorous information security policy to prevent compromise of the security of its user's account. This follows a hack in 2009 where private data of users were compromised. One of the deficiencies reported was that Twitter was not locking the access on unsuccessful log in attempts and an employee's account was hacked by a hacker through multiple attempts with a guessed password which itself was a weak password being dictionary word in lower case only.  Report in eweek.com : Related Article on twitter rolling out https security

Gujarat to go for Online Voting

March16: Gujarat State Election Commission is set to use online voting system for municipal elections to be held in Gandhinagar. This will be the first time the online voting is expected to be used in India and it would be interesting to see if the system would meet the requirements of law.Report in businesswireindia.com

Curtain Raiser for Bangalore Cyber Security Summit

March15: A press conference was held by IT and BT department, Government of Karnataka to introduce the Cyber Security Summit 2nd Edition, a two day event set to be held on March 17th and 18th at Bangalore. Report in Hindu : mangalorean.com : Business Standard : Deccan Chronicle : Deccan herald : BS2

Independent Directors may be liable for legal compliance

March 15: According to this report in HT, the new Company Bill is expected to clarify that the independent Directors may be liable for legal compliance.  Report in HT : Related Presentation

Adjudication in Hyderabad

March14:  A press release was issued by AP Government reiterating that the IT Secretary of the state would  be the adjudicating officer for the State under ITA 2000. The address of the office for contact is given as : Prl Secy IT&C Dept, Room No: 431,D-Block, 3rd floor, AP Secretariat, Hyderabad-500022. Phone 040 23456401 Fax No: 040 23450103. e-mail id : prlsecy_itc@ap.gov.in Mr D Venkatachalam, SSA IT&C Dept is the Presiding officer and contact details are : Room No: 437, D-Block, 3rd floor, AP Secretariat, Hyderabad-500022. Phone 040 23450043 Fax No: 040 23450103. e-mail id : jtdir_infra_itc@ap.gov.in . The department has indicated that  Public who are effected with Cyber crime such as Phishing, Cyber Frauds, Malware, Denial of service, Cyber espionage, Identity theft, Data theft, Mobile device attacks, Financial crimes, Social engineering, Cyber terrorism, Spam etcmay lodge a complaint with the Adjusting Officer for holding an enquiry. .. Report in DC Report in finance.buzz : Report in sify.com : Press release

Blog Censorship and Action Plan

March13: The notification of the draft rules under Section 79 has raised concerns in the blog world about unfair censorship. In order to ensure that "Authorities mandated by law" donot misuse the provisions of the rules to impose censorship, there is a need to create a "Bloggers Association of India"  and seek certain legal status to counter unfair imposition of censorship on the Internet media.  In 2004, Naavi had proposed such a forum to be built and it is time to renew the effort. (Refer series of articles under Bloggers Beware ). Naavi.org would like to invite suggestions from bloggers in India on this aspect. Related Article in The Hindu

Telecom Companies Caught in Forging Customer Forms

March11: In a damning report against two prominent Telcos namely TTSL and RCom, DOT has found that customer's forms are often forged and manipulated with malicious intentions. Though both companies have apparently blamed their outsource partners, lack of adequate controls to prevent frauds are apparent. The Telcos are therefore answerable to the public for their weak systems in administering their work whether done by an outsource partner or an employee. Substantial penalty has to be imposed on the companies to ensure that they donot continue to err in future... Related Article

Effect of Proposed Rules u/s 79 and Internet Censorship

March 9: The draft rules notified under Section 79 have evoked belated responses in the Press about the adverse effect of some of the suggested provisions related to freedom of speech. Let's therefore analyze the complete impact of the draft rules.... More : Related Article in  informationmadness.com.

IRCTC Sacks Agents

March 9: Naavi has been complaining for a long time on the misuse of IRCTC booking particularly the tatkal booking. At last there appears to be some action as per this news report in techeye.net  Related Article in bloggersnewsnet, techgoss

Comments on EDS Bill 2011

March 7: In order that members of the public may send their comments to MIT regarding the proposed Electronic Delivery of Services Bill 2011, we provide here some comments from Naavi.org;: Article 1 : Article 2 : Article 3 : Copy of Bill

A Section wise comment is available here

Due Diligence of Bloggers

March7: The draft notification on Section 79 of ITA 2008 has raised certain issues of concern regarding freedom of speech. This article in Hindu focusses attention on the suggested provisiosn in the light of the recent WikiLeaks. There is a need for a broader debate on this issue. Article

DGP's e-mail hacked!

March3: Karnataka DGP in charge Mr S.T.Ramesh must have been surprised to receive calls from his friends enquiring about his well being. Many of his e-mail contacts are reported to have received e-mails seeking financial help since he was stranded in a foreign city without cash. This is a well known fraud where the e-mail account of a person is hacked and mails soliciting help sent to all the contacts. Mail will seek payment through Western Money  union with which the fraudster will have an account probably with a Nigerian address. Normally Police refuse to take further action in such cases. Perhaps now that the DGP is the victim, he should launch prosecution against Western Money Union as an Intermediary so that this menace can be reduced substantially... Report in Deccan Chronicle

TN Unveils a IT Security Policy for Government Websites

March1: In a unique move, TN has unveiled an information security policy applicable for Government websites. It will set a minimum security requirements to be followed by all departments. It is an excellent initiative which can be emulated by other states. Report



PR Syndicate honours 'Cyber Law Guru of India', Na.Vijayashankar

PR Syndicate, (an organization of Corporate PR Professionals in Chennai,)  celebrated its First Anniversary on 20th January 2007 at Russian Cultural Centre. On the occasion, "Award of Excellence in Public Life"  was presented to 'Cyber Law Guru of India' Na.Vijayashankar...More


  What is Naavi.org?

Naavi.org is India's premier portal on Cyber Law. It is not only an information portal containing information on several aspects concerning Information Technology Law in India but also represents the focal point of several services around Cyber Law carried on by Naavi.

The first such service is the Cyber Law College a virtual Cyber Law education center in India which provides various courses on Cyber Law.

The second key service is the Cyber Evidence Archival center which provides a key service to help administration of   justice in Cyber Crime cases.

The third key service is the domain name look-alikes dispute resolution service which provides a unique solution for websites with similar looking domain names to co exist.

The fourth key service is the online mediation and arbitration service another unique global service.

The fifth key service is the CyLawCom service which represents the Cyber Law Compliance related education, audit and implementation assistance service.

Additionally, Naavi.org is in the process of development of four sub organizations namely the Digital Society Foundation, Naavi.net, International Cyber Law Research Center and Cyber Crime Complaints and Resolution Assistance Center. Digital Society Foundation is a Trust formed with the objective of representing the voice of Netizens in various fora and work like an NGO to protect their interests. Naavi.net is meant to develop a collaborative distributed network of LPO consultants. International Cyber Law Research Center would support research in Cyber Laws and Cyber Crime Complaints and Resolution Assistance Center would try to provide some support to victims of Cyber Crimes.

Together, Naavi.org represents a "Cyber Law Vision" that goes beyond being a mere portal. Started in 1997, when the concept of Cyber Law was new across the globe, consistent efforts over the last decade has brought Naavi.org to the beginning of "Phase 2" in which the services are ready to reach out to a larger section. This is recognized as the phase of collaborations and growth by association. Naavi.org will therefore be entering into a series of associations to develop each dimension of its vision with an appropriate partner. Individuals, Organizations and Commercial houses which have synergistic relationship with the activities of Naavi.org are welcome to join hands in commercial and non commercial projects of Naavi.org.


If you would like to know  more about Naavi, the information is available here.

For Any Payments to be made to Naavi online :  Naavi_s Payment Center

[Valid RSS]

RSS Subscription



Cyber Law College
........The Other name for Cyber Law Education in India
[Download Brochure]