Awake and Stop Not until Indian E Banking is made Safe
We Are being Watched!
May 30: Gary Kovacs is the CEO of the Mozilla
Corporation, introduces "Collusion" a Mozilla Fire Fox Addon which
tracks the trackers, those who are following users on the Internet. An
interesting thought on how there is no "Privacy" on the Internet.
View the short speech :
Chinese Backdoor found in US Military Chips
May 28: Some research organizations have reported
that some of the silicon chips found in sensitive US military
installations had Chinese backdoor installations.
Naavi steps up HIPAA program
May 27: While HHS has stepped up its HIPAA
compliance drive in US, Naavi has undertaken his own mission to step up
the compliance level of Indian organizations as an industry. Naavi has
therefore initiated a plan of action for an all India HIPAA awareness
drive particularly in the Medical Transcription industry where there are
a large number of SMEs operating without adequate compliance of HIPAA.
The objective of this drive is to ensure that non compliance of HIPAA
does not become an excuse for vested interests in US to stop flow of
Health care related business to India. As a first step towards this,
Naavi will be creating a forum of HIPAA professionals in the three
segments namely "HIPAA Privacy", "HIPAA Security" and " HIPAA
technology". A Linked in group has been created for this purpose called
"HIPAA Forum of India".
A separate website
www.hipaa4india.in is also being created to ensure that along with
Naavi.org where a HIPAA section would be created for dissemination of
HIPAA related information, a dedicated website would also supplement the
efforts. Naavi welcomes suggestions and comments from others in this
95 more Healthcare Organizations to be audited under
HIPAA this year
May 27: In continuation of its mandatory audit
scheme, HHS had targeted 115 audits this year and it is now reported
that 20 audits have been completed and another 95 audits have been lined
Anonymous exposes Section 69 Violation by
May25: Anonymous hackers have in a recent
virtual press conference have revealed a list of URLs blocked by
Reliance ISP which contains many URLs other than those which either a
Court or MCIT has ordered. This means that the ISP has contravened
Section 69 and is liable under Section 66 for denying access without
authority to certain web sites. Now that this report is in the public
domain, it is necessary for the Government of India to take note and
act. Otherwise it will amount to dereliction of duty on the part of the
GOI officials responsible for maintaining law as per ITA 2008.
Report in Live Mint :
PNB's Information Security System has failed
May 25: Recent fire in Parliament street building
of Punjab National Bank is reported to have affected its data center to
the extent that more than 5000 branches of the Bank are unable to carry
on transactions under the Core Banking System. Since this issue seems to
be persisting after 5 days there is a serious question mark on the DRP/BCP
system prevalent in PNB.
What GOI has been doing for National Security
May 25: From time to time the issue of
National Cyber Security in the context of China Risk has been discussed
in these columns. It is obvious that the DIT has not been much concerned
about the China Risk for whatever reason.
Here is more information on the efforts of BAPSI in this regard.
Why Indians are getting paranoid about
May 23: Indian Citizens understand the need of
the Government to collect information about Internet transactions for
the sake of national Security. But what is opposed is the tendency of
the political party running a Government to misuse law to stifle
Article in Live Mint
Microsoft Launches its own Social Network
May 22: Microsoft has reportedly launched its
own Social Networking site "Socl" (http://www.so.cl/
). It provides an "Open Search" where the search of one member is
visible to others. Presently the membership is yet to be opened though
registrations are being made. At a time when Facebook has just made an
IPO and GM has pulled its ads off Facebook for whatever reason it has,
the addition of one more social networking media is an interesting
development. There are however discussions on how the social networking
media is already crowded (see
this article in business insider). However Socl appears to be
experimenting with a new concept of "open Search" and this could be a
parity breaker if the concept succeeds to attract the market. We need to
wait and see how this concept is received by the public.
Netizen bodies should be consulted on Sec 79
May 22: Union minister Mr Kapil Sibal has
assured in Rajyasabha that the GOI is not interested in Internet
censorship and he will work towards a consensus approach in the framing
of IT rules. The Minister has said that the rules were cleared by the
committee of subordinate legislation and it was not as if Parliament
were not overseeing these rules. It was also stated that the rules were
discussed with CII and DSCI and he is "Proud" of the provisions.
Article in Hindu
We would like to remind the honourable minister that
all the four the rules notified on April 29, 2011 including rules
under Section 79, Section 43A, Section 6A and Cyber Cafe regulations are
badly constructed and each have their own issues. While the Intermediary
rules lead to unconstitutional Internet censorship, the reasonable
security rules under Sec 43A is an unconstitutional commercial
promotion. The e Governance rules of Sec 6A conflicts with a bill
presently before the Parliament and the Cyber Cafe regulations are
completely impractical. It is therefore clear that if there was a
consultation process with CII and DSCI before these rules were framed,
the process has completely failed.
We would also like to remind the MCIT that they have
failed to include the Netizen bodies in the consultation process and
hence the people interests have been ignored. It is necessary for the
Government to therefore rethink on the constitution of the consultation
committees if there is any seriousness to the assurance given by the
Minister in the Rajyasabha.
Clarity Required on the Chennai Court Order
for Website blocking
May 21: I was informed in an FM Channel
discussion that the Court order in respect of the film "3" (for better
clarify we shall call this the Kolaveri Film) was to block 15 specific
download links and it was the mistake of ISP that resulted in the
blocking of whole websites causing inconvenience and denial of access to
many others. However many others have informed the undersigned that the
order did not contain any such specific links.
I am also keen to know what were the remedies that
were sought in the plaint. Did the prayer ask for compensation on
infringement from any John Doe or simply sought blockage of information.
Also did the ISPs not bring it to the attention of the Court that it is
not possible for them to block individual links and remained silent
spectators during the Court proceedings? Were they not aware that they
would be infringing on the rights of thousands of others in trying to
protect the rights of a few?
I request any person having a copy of the order
to let me know the details.
Cinema and Copyright
May 21: The film owners have suddenly become
conscious of their legal rights through Copyright. They want John Doe
orders to prevent infringement of copyright and even it means curbing
the freedom of expression of a larger section of the society. The
industry however comes out strongly in defending its own freedom to
propagate Sex and Violence beyond tolerable limits and to the detriment
of the society. There is a need to get a John Doe order against films
depicting and glorifying rape, murder, sex violence and other illegal
activities. I am sure that at that time the industry would suddenly wake
up to "Freedom of Expression" and oppose "Moral Policing". I hope it
will atleast help them take a balanced view of the issues arising out of
copyright infringement issues they are now raising.
Cyber Jurisprudence and John Doe Orders
May 21: The John Doe principle which is being
used frequently because of the few Court decisions in the Copyright
issue has an impact on the evolution of Cyber Jurisprudence. Indian
justice system has always placed a heavy reliance on the identification
of an accused and the John Doe principle is therefore an exception to
the general rule borrowed from the US jurisprudence.
The first point which I place for debate is, that the
John Doe principle gives legitimacy to "Anonymity" and if
"Anonymous" users of Internet can be subjected to legal processes, we
need to also accept "Anonymity" as a "Right".
The second principle for debate is that the US
principle does not seem to recognize "Speculative John Doe" and in this
respect Indian Courts seem to be have taken a step further into defining
the new Jurisprudential principles. I have been informed (in a
conversation on Chennai online FM) that the Court order is in respect of
specified links and therefore the order was not "speculative". If so,
the order cannot be faulted.
The developments since the order was made however
mean that it is the mistake of ISPs that the whole websites have been
blocked instead of the specific links which the Court ordered. If so,
such ISPs would be liable under Section 69A of ITA 2008 for wrongful
blocking of the websites and under Section 66 for causing denial of
Hope some body launches action against the ISPs and
gets a John Doe Compensation for a public cause of "Protecting the
Freedom of Expression" in favour of a Netizen body dedicated to the
cause of "Free Internet". Alternatively, the Court can itself take
action to retract its order since its effect has not been as
anticipated. If in the process the copyright owner suffers a loss, the
remedy is to recover the loss from the websites subject to
Section 79 of ITA 2008.
Why This Kolaveri Di?
May 21: The speculative John Doe order that
has shut off many Internet Video uploading websites on the eve of the
release of the Tamil Film which became famous for the "Kolaveri Di" song
has raised several issues of legal, ethical and democratic rights. It is
well acknowledged that the film must have benefitted enormously by the
viral distribution of "Why this Kolaveri Di" song. Even at that time
there were Copyright related issues which the song owners/producer did
not mind. They were happy with all the websites which uploaded the music
and its various variants. But now suddenly they see the same sites as
Further there is a need to debate if the logic of a
speculative John Doe order where the commission of an offence itself is
not in evidence besides the persons who might commit the offence, is in
violation of the basic rights of a Citizen to exist and carry out
legitimate activities on the Internet. It is the snatching of the rights
and freedom of all those who were perhaps using or intending to use
(invoke the John Doe Principle) the services of these sites for legal
In this order the victims are the genuine users of
the blocked services who were neither acknowledged or given an
opportunity to defend their rights. In the interest of natural justice
to these persons the Court ought to have issued a public notice that
since its order is likely to affect unknown members of the public,
persons who are likely to be affected may implede themselves in the
case. But the plaintiff would have forced the Court into taking a
decision citing the urgency related to the release of the film.
The order however suits the current requirements of
the Government of India to impose censorship of the Internet media and
hence there is a convergence of commercial and political interests in
supporting this decision of the Court.
However in the interest of Democracy as well as the
principle of natural justice, there is a need for this decision to be
reviewed. Courts should in such cases stop at issuing orders to the
designated websites to impose extra controls to prevent that an offence
as speculated by a plaintiff does not occur and if it occurs, immediate
remedial action is initiated without waiting for further judicial
orders. It should only be an "Advance notice" rather than an "Actionable
Blockage of the site based on the plaintiff's charge".
Also in the same order the Courts could have provided
for compensation to the genuine users of the websites which have been
blocked from using the same to be paid by the plaintiff.
Related Article :
Article 2 : More on
CERT IN Website hacked
May 20: In a continuation of the protest against
the GOI policies on Internet Censorship, group of Anonymous hackers are
reported to have defaced the Indian CERT website, a symbol of National
Cyber Security. CERT-IN has acknowledged the attack but maintains that
the site did not go down but was up and running.
Report in TOI
Motion Moved in Rajyasabha for Sec 79 Rules
annulment ...but defeated
May 18: It is heartening to note that a motion
has been moved in the Rajyasabha of May 17 2012, for annulment of the
"Intermediary Guidelines 2011" notification made on April 11, 2011 by
DIT. However it is sad to note
that the motion has been defeated.
The rules were being long debated as "Ultra Vires" the ITA 2000 and
the Constitution. Mr Rajeev had rightly invoked the issues of Cyber
Regulations Advisory Committee as well as the Human Rights aspect and
"Censorship rights in private hands" as the grounds under which the
rules need to be withdrawn. Mr Arun Jaitely had supported the motion
But the Government stopped with Mr Kapil Sibal
promising to discuss the issues with the relevant stakeholders. We need
to wait for further developments including the intervention of the Court
through a PIL.
Speech made by Mr P.Rajeev. : Speech of Mr N.K.Singh :
Consonance With The Best International Practices'
Speech of Mr Arun Jaitley:
A Threat To
Report in channelnewsasia
Recent References in Naavi.org:
Internet and Human Right :
Intermediary Guidelines is now a Human Rights issue
Call for Scrapping April 11 Rules
Activists Demand Scrapping of ITA 2008 rules
Has the time come to work on amendments to ITA
2008? : Internet Censorship in India
Birth of Cyber Naxalism in India?
May 18: The reported DDOS attack of "Anonymous
Hackers" on the websites of the Supreme Court, MCIT, BJP and Congress, (Related
Article) raises a serious concern on how the ill advised
actions of the MCIT is encouraging hactivists to pursue a policy
of confrontation with the Government. ....The Government now has two
choices before them.
DIT becomes a Internet Censor Ministry
May 18: The recent developments involving a
series of website blockings by the DIT on grounds of politicians being
represented in cartoons or tweets in a derogatory manner indicates that
the DIT must be spending enormous time and energy on its censorship
activity. The Government should realize that it has more important
things to do.. for example appointing/designating the Chairperson for
Cyber Appellate Tribunal. The department seems to have completely
forgotten their responsibility while engaging the time of his
executives in unproductive political cartoon hunting. The IT super power
that Indian wants to be is now fast becoming a country which is as
tightly regulated as authoritarian countries such as China. If this
trend of choking regulation of internet content is not reversed, it is
bound to percolate to the Judicial views also as it appears to be
happing in the Copyright related decisions and will destroy of our
democracy. The days of Internet Emergency is not far.
The World of John Doe Orders
May 17: Recently there has been a spate of
website blocking attributed to release of new films. It is understood
that in these cases the producers of films have been able to convince
the Courts that there is a possibility that some unknown person may
infringe copyright using a website and hence it should be blocked.
Though this is referred to as "John Doe Order" it is more a "Speculative
John Doe Order" where it is not only the offender which is not known but
the offence itself has not occurred.
India to press for Changing Internet
May 16: The fact that the Government of India
is moving towards Internet Censorship has been visible in many of the
actions f DIT over the last few months. The systematic manner in which
ITA 2008 is being misapplied to gain control on Internet Content bas
brought Indian policies on the Internet close to that of China and other
Though the western countries have also followed
similar policies in the case of Wiki Leaks, the move of the Indian
Government to suggest changing of the ICANN structure to bring it under
the Control of the Government bodies is a significant step in the
direction of a Government controlled Internet. The move is now
threatening to brand India as a "Totalitarian State" on the Internet.
Just as individuals take different Avatars in the
digital society, the "Democratic" India in the physical world is now
taking on "Totalitarian" avatar in the digital society. As a
combination, the present Internet policies of DIT have made India a
This move may give further support to the demand for
a "Universal Declaration of Independence of the Internet" and rebirth of
a democratic "For the Netizens, By the Netizens, of the Netizens
Governance structure", the ICANN-2.
this report in The Hindu
Bluetooth used for Copying in Examination
May 16: In yet another case of high tech
examination fraud, blue tooth enabled ear phones have been reportedly
used in an administrative examination. A gang of seven persons have been
identified as having committed the fraud where 24 persons (including 5
women) seem to have paid upt o Rs 7 lakhs each for being dictated with
the answers while writing the exam.
Report in TOI
Sec 79 rule to come for discussion in
May12: The statutory motion for annulment of
rules under Sec 79 of ITA 2008 issued on April 11, 2011 is expected to
be taken up for discussion in Rajyasabha on 15th of this month.
Another Court order for removal of defamatory
May 11: In another instance of Section 79 of ITA
2008, Delhi High Court has ordered removal of primafacie defamatory
content against Sri Sri Ravishankar. It may be noted that the Court has
made a reference to the 36 hour rule for content removal to be counted
from the Court order being received by the intermediary (Google in this
Copyright Amendment Bill gets Cabinet
May 11: The Copyright amendment bill which was
pending for a long time is reportedly cleared by the cabinet today. The
exact copy of the final amendments need to be checked.
John Doe Orders and Internet Censorship
May 10: An increasing number of John Doe
orders obtained by the Film industry in India prior to release of major
films has raised a debate on whether such orders are being applied in a
manner that they are becoming more of a tool of censorship. It appears
that the order which has resulted in the blocking of Vimeo site is a
"John Doe Speculative order" where it is based on not only unknown
infringers but also for a contingent event that may result after the
release of the film. Is it a new legal principle being established? or
is it a passing phase where a principle is being misapplied?.. only time
Cyber Appellate Tribunal in Bangalore?
May9: During the first Bangalore Cyber
Security summit in 2009, a promise was made by the then Presiding
officer Sri Rajesh Tandon that he would be happy to see the setting up
of a southern bench on CAT in Bangalore as proposed by Naavi. The then
Home minister of the Sate, late Sri M. V. Acharya as well as the Law
secretary of the state who were present during the deliberations also
agreed with the suggestion.
Subsequently, despite several attempts, the State
Government never took steps to send a formal request to the CAT and the
matter remained unattended. During the second Bangalore security summit
in 2010, the IT Secretary Sri M.N.Vidyashankar again promised that
the CAT Southern bench will be set up within a few months. Nothing moved
except that Justice Rajesh Tandon moved out of CAT on superannuation.
The Government of India did not move even to post a replacement for
Justice Rajesh Tandon and far from a new Southern Bench of CAT being
created, even the CAT in Delhi remained closed for operations. Unmindful
of these developments, the Karnataka IT Secretary has again made a
promise during this year's Bangalore Cyber Security Summit that the
southern bench of CAT would be formed.
Coming from an IT Secretary who believes that "No
Company can invoke Section 43 of ITA 2008" and "No complaint can be
filed against a Company under Section 43", (Refer
related award here) the promise of a CAT bench in Bangalore appears
like an "Election Promise of a Politician".
Related Report in Deccan Chronicle :
Internet and Human Right
May 8: Internet as a technology was a
facilitator for the democratic revolutions in Tunisia , Egypt etc during
the last year. This has again opened the debate on "Whether Internet
Access should be considered as a Human Right?". Though there are
differences of opinion on whether Internet should be considered only as
a tool and not considered as a Human Right, the fact remains that the
"Quality of human right without Internet is increasingly becoming
unacceptable". One of the prime factors driving the humanity to this
thinking is that Internet is a "Tool of Expression". The difference
between other media of expression and Internet is that Internet along
with the World Wide Web enables an individual to publish his thoughts to
the world without the assistance of others. This makes Internet a tool
of a human being to translate his thoughts to an expression to the
global society. It therefore has the credentials to demand the status of
a "Human Right".
Vincent Cerf Differs :
UN Special Report Agrees
Apart from the suppression of the freedom of
expression in India through excessive legislation and misapplication of
legislation, Indian Citizens are being denied of the human right through
closure of judicial options for remedy of grievances due to the inaction
of the DIT in keeping the Cyber Appellate Tribunal active.
Karnataka has gone a step further in the direction of
denial of rights of Internet users by closing substantially the options
of the citizens to redress the grievances through the Adjudication
Naavi.org has raised this issue with the Chief
Minister and Law Minister of the State through an
Open letter. Responses are however still awaited.
New York Judge says IP Address is not a
May 5: In a significant judgement, a Judge in New
York has stated that given the dynamic nature of IP address allocation
and the possibility of IP addresses being shared over WiFi networks or
otherwise, they can be no longer relied upon in legal suits to identify
a person and charge him with offences.
Cyber Justice is denied to Citizens in
May 4:. Citizens in Karnataka have been facing
a unique problem as regards Cyber Crime complaints due to the non
availability of any proper legal forum for the Redressal of their
grievances. The problems regarding Police officers refusing to register
Cyber Crime complaints is well known. It is widely prevalent everywhere
in India and also in Karnataka. Additionally, what has added to the woes
of the citizens of Karnataka is that they have been shut off from civil
remedies as envisaged in Information Technology act 2000 due to the
inadequacies in the Adjudication system which is administered by the IT
Secretary of the State. Taking a contrarian view in an earlier case
referred to him, the Karnataka IT Secretary has taken an opinion to the
effect that "No complaints can be admitted for remedies under Section 43
of Information Technology Act 2000 after the amendments of 2008 against
any corporate entity and that no complaints can be made by a corporate
entity as well".
Though the unsustainability of such a stand has been
brought to the attention of the IT Secretary, he has stood by his
opinion. This opinion which needs to be revoked now only on an appeal to
CAT will stay in place until CAT is reactivated by the appointment of a
"Presiding Officer". This combination of inefficiency of DIT in not
appointing a Presiding officer for CAT and the interim decision of the
Karnataka IT Secretary has enormously benefitted some of the Banks who
are e-Governance partners of the government facing complaints from
It is ironic that in such a state of affairs, the
Karnataka IT Department is conducting a Cyber Security Summit. One needs
to ask the Government what the end objective of Cyber Security? Is it
for protecting the citizens of Karnataka? or Is it for protecting the
business interests of those corporates who are in E Governance
partnership with the Government? Naavi.org seeks a response from the
Chief Minister of Karnataka who also holds the IT portfolio to clarify.
Related Report in Hindu :
An Open letter to CM
Intermediary Guidelines is now a Human Rights issue
May4: For some time now, civil society in
India has been fighting against the Intermediary Guidelines issued by
DIT on April 11, 2011 which inter-alia is being interpreted as a tool of
Internet Censorship. Now it has been recognized that "Freedom of
Expression" is a "Human Rights issue" and the guideline may downgrade
the Human rights index of India when UN is undertaking the Universal
periodic Review some time in June this year. Internet is considered as
an important tool of free expression and any attempt to gag the media
through notifications that provide that intermediaries shall remove
content within 36 hours is highly objectionable. Government can no
longer justify the law as an "Enabling Provision" for national security
reasons since the track record of the Government is that it is often
used against political opponents. The Aseem Trivedi incient, call for
"Pre-screening" of social media content, the case against "Facebook" etc
in Delhi High Court, the Professor Mahopatra incident in West Bengal
have all indicated that Sec 79 rules is an instrument of censorship and
a prelude to "Internet Emergency" in India.
Additionally shutting down of the Cyber Judiciary
system by not appointing a chair person for CAT will be held in a
negative perspective as regards the Human Rights Review.
The DIT needs to therefore wake up from its slumber
and make some positive efforts to clean up its Internet Human Rights
See related DEF report :
Related Article:Will the Government Consult Netizens?..Need for National Netizen Rights
Multi-Stakeholder Consultation on Internet
May 3: Multistake holder consultation on
Internet Rights was inaugurated in Delhi by Amt Aruna Roy, Chairperson
Mazdoor Kisan Shakti Sanghatana. Officials from DIT and various
organizations also participated in the event. Naavi speaking on the
subject highlighted the need for Netizens to be more responsible and
organize themselves into a voice to be heard.
(Copy of the
presentation is available here)
Internet As a Human Right
May 2: A debate has started in India if
"Internet Access" is to be considered as a fundamental right of an
individual. Certain countries such as
Finland have declared access for Internet as a part of the fundamental
UN has in a report indicated that Internet should be
considered as part of Human Right. 80% of people
surveyed over 26
countries by BBC favoured the thought of Internet as a Fundamental
right. At the moment however, in India, the top of the agenda is whether
the Internet access we now have is diminishing in value because of the
failure of the Government in having proper regulations which are fair,
democratic and reasonable.
Empowerment Foundation in Delhi and Association for
Progressive Communications (APC), supported by the Department of
Information Technology and the National Internet Exchange of
India, Govt. of India. is organizing a national consultative
workshop in Delhi on 3rd may 2012. The workshop will be outlining
India’s progress towards ‘Internet Access for All’, and specific areas
of concern – right to information, internet & information access,
internet governance, Internet regulation, content specifications, cyber
law, and appropriate policy framework.
Risk of Data Loss in Cloud Storage
May1: The risk of data loss in cloud storage
was in focus as the assets of megaupload.com, a data storage
service facility in Virgina was seized by the US federal government on
charges of facilitating copyright infringement. As more than 1100
servers remain seized, data equivalent to 25 million gigabytes remain in
accessible by its owners many of whom are genuine business houses.
The issue has thrown open the legal question of
ownership of "Information" as distinct from the "Information container".
It should be recognized that the Government has no right to seize the
assets of innocent parties and have to hand over the information to the
rightful owners at the earliest.
The incident also is a wake up call to those who use
Cloud storage services to ensure that the activities of the service
provider does not affect the interests of genuine users. The need for
DRP/BCP strategies in cloud environment is also highlighted.