|
Companies are Ignoring Cyber Crime Risks
It has been reported that the Cyber Crime rates as recorded by the FBI s Internet Fraud Complaint Center in USA has shown an increase of 60 % in 2003 with over 120000 complaints having been registered.
While in India there is no mechanism to collect such statistics, the crime rate cannot be less. Unfortunately most corporate entities are oblivious to the Cyber Crime risk and are suffering a huge opportunity loss in not securing their Information Assets appropriately. This negligence on the part of the top management of many IT Companies is simmering below the surface at present and is likely to explode into a ball of fire and engulf many companies.
Though Network security products such as Firewalls and IDS have been in place for some time in the market, many Indian network engineers have not been applying the security principles properly. Providing techno-legal security to the assets is still Greek and Latin to most. Hopefully 2004 will be different and Companies will undertake security audits and put in place better security measures.
Understanding the Nature of Cyber Crimes
Cyber Crimes is a word which has become a common parlance. But what exactly is the definition of Cyber Crimes? How can we classify different types of Cyber Crimes, what are the legal provisions in India.. and many other issues are discussed by Mr Pati in this detailed paper on Cyber Crimes.
|
720 pages of Comprehensive Coverage on Cyber Laws Naavi's "Cyber Laws in India..ITA-2000 and Beyond", first E-Book on Cyber Laws to be published in India consisting of 720 pages of comprehensive coverage on Cyber Laws and relevant issues, available for online purchase at RS 300/- in download form and at RS 400/- on CD. For more information click here. |
Kaazaa Held Legal in Dutch Supreme Court
The Dutch Supreme Court has ruled that Kaazaa which allows users to swap computer files such as music or films for free -- was a legal operation not in violation of copyright. The ruling said the swapping network was legal because Kazaa was not responsible for possible illegal activities by its users.
-This could be termed as an approach similar to what the community has decided on photocopying service which perhaps rejects the DMCA approach of contributory infringement on such tools.
Child Pornography in Spam..Posession is Offence
With the proliferation of Spam many of which contain sexually explicit material including child pornography, it has become necessary to be aware of the consequences of such mails entering the computer of an innocent user. According to the US Code knowingly possessing material containing a visual depiction which involves the use of a minor engaging in sexually explicit conduct could be sufficient for prosecution. The punishment can involve fine and imprisonment upto 5 years.
It is also interesting to observe that an expert witness recently saved a person from such a charge testifying the presence of a Trojan which could have auto downloaded the offensive pictures.
Related Material: US Code Section 2252 :Trojan Presence : Report in Enquirer :Laptop in a moving Car :The Case of Amateur Action
Taiwan Introduces Anti Spam Regulations
With Spam levels reaching around 92 % on an average, it is high time that some regulations are brought into the system to prevent erosion of the productivity of the e-mail system. Taiwan recently announced some measures according to which commercial e-mail despatchers need to take consent of the recipient for receiving the mails or face a stiff fine. Probably we in India need such a measure which can be incorporated as an additional section in ITA-2000....Report in Taipei Times
Peer to Peer File Sharing may be acceptable in Canada
In its recent decision , the Copyright Board of Canada said uploading or distributing copyrighted works online appeared to be prohibited under current Canadian law.
However, the country's copyright law does allow making a copy for personal use and does not address the source of that copy or whether the original has to be an authorized or noninfringing version, the board said. Legal analysts say that the issue is likely to be clarified further in favour of the Recording Industry's contention that such downloading is illegal. ..News.com
WSIS Summit..Follow up Action Required in India
The WSIS concluded in Geneva with an adoption of the declaration of principles and a working group being constituted for further action by the next summit in Tunisia in 2005. It is time for India to sit back and prepare for the next summit with a national level debate on the various issues involved. Though lot of talk was spared for "Digital Divide", "Internet for the Poor" etc, the key issue to be tackled is the administration of the Name and Number Space of Internet and the role of the Governments in this respect. India has so far failed to utilize the opportunity available to it for managing the CC domain and our legislation has no mention of domain space regulation. We need to start thinking in this direction.
Related Reports: Silicon Valley: Wired.com NY Times
Canadian Technology Law..Developments in 2003
A summary of developments in Canada on various aspects of Technology Law..thestar.com
Theft from your Computer can be embarrassing
The importance of information security in personal computers was driven home to the lady Mayor of Northwest British Columbia town,Canada, when a private picture of her was stolen and placed in public domain. The picture showed Mayor Sharon Smith with a big smile and wearing only her chain of office at the Town Hall. The picture was taken at a private time with her husband and was meant to remain private, according to the mayor.
The case also highlights why "Security" is meaningful only when we think of "Techno Legal Security" and not "Technical Security" which ends with data protection through Firewalls, Disaster Recovery and Backups. This is an example of how the consequences of a security breach requires legal recourse...the reason why Naavi advocates that Cyber Law Knowledge is essential for every Computer user. ..Report in HT: Report in wizbangblog
Rs 700 crore Internet Fraud in a single hacking incident
For those who are wondering if Cyber Crimes are really a matter of concern, this incident where three German teenagers are reported to have committed a fraud of over RS 700 crores in two hours by hacking into an auction site and buying a variety of goods should be an eye opener ..Report in IE
WSIS adopts Declaration
The WSIS adopted a declaration of Principles and an action plan for building the Information Society on the last day of the summit. Copy of the adopted a declaration of Principles: Action Plan
Arun Shourie Offers funding support to Information Society
Speaking at tbe WSIS, India's Minister for ICT, Mr Shourie promised that if a fund is set up for supporting Information Society on a Global scale, India will support both in cash and kind..Copy of Speech
RFID to become a Key Perimeter Security Tool
Radio Frequency Identification (RFID) Tags are increasingly being adopted as tools for tracking the movement of hardware in USA. It is reported that the US Department of Defense has recently made it mandatory for all its suppliers to use radio identification chips. Though Privacy groups are uncomfortable with the potential for abuse of the technology, it appears that Cyber Security professionals in India and elsewhere would find the technology useful for securing Information Assets. Since RFID tags can be affixed as labels both on hardware (Laptops) as well as media (CDs, Tapes) and also on files and papers and their movement monitored, it will be a useful Perimeter security tool for Information Security practitioners in high security zones.
The rate of adoption of the technology will however depend on the cost. It appears that costs have reached reasonable levels in USA which may soon be reflected in the Indian Market also. Once the affordability is ensured, RFID will become a standard tool for Information Security.
Related Article:
..US defense department adopts RFID..Thawte.com.World Summit on Information Society
The inaugural summit on Information Society scheduled to be held in Geneva from December 10-12 is likely to discuss several issues of Internet Governance. One of the key issues to be discussed is an increased role for UN's body ITU (International Telecommunications Union) in the matter of domain names. It is expected that the Governments will have increased roles and ICANN may lose some of its control on the Domain Name and Domain Address space. The main objective of the summit is to ensure that the benefits of the Information society reaches all and digital divide is bridged.
The first phase of the Summit in Geneva will adopt a Declaration of principles and a Plan of Action for implementation by governments, institutions and all sectors of civil society to deal with the new challenges of the ever-evolving information society, specifically identifying ways to help close the gap between the "haves" and "have nots" of access to the global information and communication network. Development themes will be a key focus in the second phase in Tunisia and it will assess progress that has been made and adopt any further Action Plan to be taken.
The official list of announced participants for the WSIS does not indicate any representation from India though it should be presumed that the Secretary DOT should be an invitee along with a few of India's UN representatives. Hopefully they will articulate India's concerns in the issue...Naavi, 8/12/2003
Report in TOI , Washington Post, WSIS
The CAS Arrogance..What does the PM has to say?
When the CAS (Conditional Access System) system was introduced in Chennai, the PM had given a solemn assurance that the system would be consumer friendly. However just when the system is ready to be introduced in Delhi, the system is bearing its anti consumer fangs clearly as reflected by the advertisement in The Hindu issued today (8th December 2003) by ESPN Software India (P) Ltd. The public notice issued in the advertisement says that commercial establishments are prohibited from carrying ESPN and Star Sports services without a written authorization from the broadcaster. Since the privy of contract exists only between the consumer and the Cable TV operator, it is not clear under which provision the power to deal directly with the consumer is being arrogated by the broadcaster. The Chennai office of ESPN has indicated that they will have a separate rate for commercial establishments. It is also not clear if he Act permits such differential charge and if so what are the guidelines.
The issue is likely to lay down a principle that one STB (Set Top Box) is only for one user and if a household invites its neighbors to watch their TV ESPN may have an objection.
The MIB (Ministry of Information and Braodcasting) has not so far implemented either the RS 72/- charge for free channels, nor forced the Cable operators to issue receipts, nor introduced a grievance handling system, nor made Cable operators to issue a contract for STB purchase or renting. The consumers have been forced to buy a non transferable STB and pay a heavy price for the SIM (Subscriber Identity Module) card.(Rs 600 at Chennai)
The Prime Minister needs to explain how his promise of "Consumer Friendly CAS" is being implemented.
Virus Writers could face Life Imprisonment !!!
The proposed Sri Lankan Prevention of Cyber Crime Act has one of the most stringent provisions reserved for Cyber Terrorists. According to the draft act pending legislation,
"Any person who causes any computer to perform any function and thereby causes danger or imminent danger to national security, national economy or public safety shall be punishable with imprisonment for a term not less than five years and which may extend to life."
Since the Act also provides for extra territorial jurisdiction, hackers and virus writers any where in the world need to be wary of the possibility of being hauled up if their act touches Sri Lankan Information Assets.
(Ed: A series of articles analysing the provisions of the proposed Act will be presented on this site shortly...Naavi)
HSBC Warns on a Pseudo Site
Hong Kong Bank has warned that a pseudo site is attempting to collect critical customer information such as log in ID and Passwords of its customers. This is a typical fraud being attempted frequently on Bank websites....Report at the age.com.au
Finance Ministry to introduce Digital Stamps
The Finance Minister of the GOI has announced that the Government is responding to the Stamp Scam with the introduction of a new system of Digital Stamps. It appears that the system will be close to the Digital Stamps system suggested by Naavi using the Patent pending Digital Value Imprinted Instrument System. .Details of the Novel Solution..Naavi.org,..Report at Rediff.com
Online Bus Ticketing in TN
Tamil Nadu has introduced online ticketing system for State and Interstate Buses through the website http://www.setctn.com/ . An improved system has been suggested by Naavi to some of the State Governments based on the versatile patent pending Digital Value Imprinted Instrument System, details of which are available here (PDF)
Google Makes a Reference to Court on Key Word based advertising
Google has referred the issue of whether key word based advertising infringes on Trademark rights. The service enables companies to get their banner advertising displayed when specific key words are used for search. .Details in HT
Chattisghar takes a leading step in Cyber Law Compliance in E-Governance
While the South Indian states are vying with each other as the most advanced e-Governance implementers, surprisingly, the Chattisghar Government appears to be one of the few State Governments which has tried to make its projects Cyber Law Compliant. In this direction the Government has taken steps to formulate important rules on appointing "Authorized Citizen Service Agents" to undertake E-Governance projects. Though the Government in Chattisghar has now changed, we need to appreciate the initiative which needs to be taken not of by other States as well...Copy of the Rules (PDF)
Convergence Bill..Back in Contention
After several years of discussion the Communication Convergence Bill had recently been pushed aside. It appears that an Inter Ministerial Committee will now take up the Bill for consideration once again...Report in EFE
Stamp Frauds may Be Present in Other States Too..
According to the investigating officer probing the Stamp Frauds in Karnataka, fake stamps are likely to be present in states other than those which have presently been identified...Details in Deccan Herald
Will Documents using Fake Stamps be Valid?
The Finance Minister of the GOI made a statement recently to the Press that fake stamps may not make documents invalid. This however appears to be a misleading statement though good intentioned. Any documents using fake stamps is legally equivalent to an unstamped document. Unless a competent court condones the non payment of stamp duty and collects at least the value of the stamp again (if not a penalty), the documents will not be valid. Even the Court which comes to know of the fact may not have any discretion in this matter unless the laws of the land are changed ..News report
Video Conferencing launched by SIFY
SIFY launched its video conferencing facility over broadband at a cost of RS 5 per minute across 24 cities in India....details at Sify.com
Do You Know? IS Aware Professionals get 200 % higher Pay?
According to Express Computers,
"Industry observers point out that security is one of the most sought after and best-paid career. ... in the US, an entry-level IS professional can command a salary of $75-80,000 per annum, with the one at the higher-end earning somewhere around $1,50,000. In India, an IS aware professional (say a network administrator), will earn close to $35-40,000, with the top rung earning around $1,20,000 per annum."...
"Salary difference between an IS and the ‘IS aware’ professional can be upto 200 percent,” Felix Mohan, CEO of Secure Synergy.
It is in this context that the courses conducted by Cyber Law College offering IS (Information Security) qualification become extremely relevant..
If you would like to know more about Naavi, the information is available here.
For Any Payments to be made to Naavi online : Naavi_s Payment Center
