Paths are Created by Walking and not by Waiting…

Today the first batch of Data Protection Professionals in India who have been trained on Indian Data Protection Laws, Global Data Protection Laws and Data Audit skills with special training on the PDPSI framework are completing the certification examination. A few of them will be certified as “Certified Auditors for the FDPPI-PDPSI Data Protection Audit with DTS evaluation” after the entire evaluation process is over. A Few more would be certified as “Certified Consultants for the FDPPI-PDPSI Data Protection Implementation”

The Implementation Consultants and Certified Auditors would be professionals who have completed around 55 hours of class room training (Online) and 4.5 hours of online examination plus several hours of assignments. They have read through over 1000 pages of notes. This is one of the most elaborate training programs conducted in any such certification programs.

At the end of this rigorous program, FDPPI is confident that these professionals  will be able to stand out in the community as people with the necessary knowledge and skills to start guiding the Indian organizations towards Privacy and Data Protection Compliance.

We all know that skill cannot be entirely acquired through external training alone and hence these professionals will continue to improve their skills and some of the consultants after more experience may be upgraded to the level of auditors FDPPI will have a plan to implement this “Continuing Data Audit Skill Enhancement” program.

The industry already has several “Certified” professionals who have been certified from other organizations some of them recognized world over. However, in terms of the focus and intensity of training, the FDPPI Certified professionals will be a class apart though  this will need some time to be recognized by the industry.

These are the professionals who create path by walking…. not wait for others to show the path…

Naavi

 

Print Friendly, PDF & Email
Posted in Cyber Law | Leave a comment

Open Letter to Madam Nirmala Seetharaman… Say No to Experimentation.. It will be misused

To

Smt Nirmala Seetharaman
Honourable Minister of Finance
Delhi

Sub: Regarding Crypto Currency Experimentation

Madam

I was going through the report in livemint.com and cnbtc18.com on the proposed regulation on Crypto currency in which you are quoted to be soft on the demands of the Bitcoin industry which is fighting to retain legitimacy to Bitcoin and other Crypto Currencies as equivalent to legit currency of the country.

We have been debating this for several years now and initially RBI was firm on the banning of private crypto currencies. Subsequently, since neither the Ministry of Finance and  the Supreme Court was supporting them openly, RBI went quiet. This emboldened the Bitcoin community to spread out and trap many more innocent investors.

This must stop forthwith if we are honest to the economic future of India.

Legalizing Crypto currency is Financial Sedition

There is simply no logic for the Central Bank of the country to surrender its right to have control on the issue of “Currency” and any discussion on letting “Crypto” to be called a “Currency”. If accepted, there would be a flight of Bank deposits in India to “Crypto Assets” held with “Crypto Exchanges in the form of Bitcoin Wallets” . These will be like the e-mail accounts of proton mail and will not be under control of our regulatory authorities.

The legalization of Crypto currencies should be treated as “Sedition” in the “Financial Regulation”.

Crypto is Digital Black Money.

I do understand the political compulsions to be diplomatic in your response and there could be many in the bureaucracy who would like Bitcoin and crypto currencies to continue since it is the best way to receive bribes. For the same reason routine politicians are not keen in seeing the end of Bitcoins.

But the fact that Bitcoins and other Private Cryptos with which Bitcoin is fungible represent “Digital Black Money” does not need to be stressed. I consider that Modi Government will not succeed in its fight against Black money until the digital black money is completely eliminated.

If Privately managed Crypto currencies such as Bitcoin, Ethereum and the 5000 others are not banned lock stock and barrel, we will not be able to control the spread of black money. It is this money which will be used to fund the CAA protest,  Red Fort attack or Kashmiri Terrorists or the Ransomware criminals. The dreaded “Deep web” is funded by Crypto currencies and banning them is a way to make the life of a Cyber Criminal difficult.

India can be an Anti-Crypto Currency Leader of the World

Many ask why India should stand different from many other countries who are tolerant of the Crypto currencies. But we must appreciate that India is India and should have the courage to stand for what is right. There are many countries in the world who are tolerant of Pakistani terrorism or Chinese aggressive military attitude. But it does not mean India should not take an independent stand.

I am confident that India has the capability to lead the “Anti-Crypto Group of Countries” and its decision to ban the Private Crypto currencies would go a long way to establish economic independence.

We need not be apologetic since we are in the right track

We observe that your statement “Government will have a calibrated approach”, “Want to ensure window for experiments”  was made as a diplomatic statement in a TV debate and referred to the “Enablement of Government Controlled Crypto Currency”.

While “Block Chain Technology” is often quoted as an “Innovation” that needs to be supported and “Legalization of Bitcoin” is a way to recognize this innovation is a fake narrative.

Block chain as a technology has some use cases and may  be allowed to be developed by technology companies  as is contemplated in the draft bill. But this cannot be used to legitimize the use of Bitcoin or other Private Cryptos.

Experimentation should not end up in dilution of the regulation in any manner. All Crypto currency variants are all mutually convertible and hence banning them in toto is the need of the hour. Any small room given for innovation would be misused to develop a “Currency Mechanism” which will substitute Bitcoin with some other form of “Crypto Asset” which though legal would be used as a Currency. Remember how Ram Rahim Cult was using paper slips as currency within their premises and how havala operators use a currency note torn into two halves for carrying on their operations. Similar innovative “Digital Chips” will be developed as “Alter-Crypto” if law allows for their existence.

We are aware that there are many “Game Currencies” like the “Linden” which are convertible to Crypto Currencies and hence even a small opening provided to the technology innovators will encourage back door entry of Bitcoin in a different form.

RBI Crypto Rupee will break FEMA and encourage Crypto Mining Malware

It should be recognized that the Government backed Crypto currency will not be different from the Digital Payment systems we already have in the country and would not add anything significant to the economy.

At best it will only encourage zombies who will try to keep mining for the “Crypto Rupee” and result in depleting the scarce resources of “Electricity” and “Computer resources” besides “Productive time” in search of digging for Crypto Rupees in their internet connected computers.

This will continue to encourage “Crypto Mining Malware” to be developed and installed in the mobiles and computers of innocent malware victims and encourage more Cyber Crimes.

Hence there is no logic for taking any action in this regard immediately. Let it be there as an enabling provision but if introduced, it will defeat our Foreign Exchange Management system making Rupee Convertible. You can separately assess the problems arising out of full convertibility of Rupee.

Experimentation with an evil like Bitcoin is like experimenting with drugs. We have to say No even the first time.

There is no need to be apologetic

Even the views of  Elon Musk need not be taken seriously since he may have reasons of his own to retain his wealth in the form of Crypto Currencies.

There is no need to be apologetic to the Bitcoin community as if we are “looking inward”. Sadguru Vasudev often reminds us that Indian culture has been strong because of how we have focussed on “Inner Engineering” of the human being. Yoga is an example of how looking inward actually unleashes the power to address the worldly challenges.

Our stand could be termed as standing firm on principles and not “looking inward”. Neither “Fintech” nor “Fast Moving Technology” have any right to destabilize India as a country. We may support technology but donot hesitate to regulate attempts of disruption whether it is in curbing cyber crimes, regulating delinquent digital media or those who want to take over the financial control of the country.

We have recently shown such guts in taking on Twitter or Face Book and the recent joint action by Mr Ravi Shankar Prasad and Prakash Javdekar on Intermediary Guidelines was an indication that at last the Modi Government is willing to shake off its hesitancy and take tough decisions.

As a person from Karnataka whom you represent, I would be extremely happy if you can also show the exemplary courage to “Say No…firmly…to Bitcoin…even for experimentation”.

The non introduction of the Bill in the first part of the session is itself a show if hesitation by the Ministry of Finance to support the legislation. This should be rectified quickly by the passage of the bill to ban Private Currencies in the second half of the budget session without fail.

Thanking you in advance.

Yours faithfully

Na.Vijayashankar

6th March 2021

 

Reference:

Livemint.com

cnbctv18.com

Print Friendly, PDF & Email
Posted in Cyber Law | Leave a comment

Does Intermediary Regulation apply to Corporate Zoom meets?

An interesting question has been raised by the Indian Corporate sector regarding the applicability of the new Intermediary Guideline to the corporate interaction platforms such as Zoom/Goto Meeting/webex/Google or Team other companies facilitating streaming of content and messaging among users and also the public at large.

A doubt has arisen that given that with more than 5 million users registered with such platforms, will this makes them significant social media intermediaries and whether they  will need to moderate content effectively and have rules in place for moderation.

It is also indicated that the platforms  may not be able to exercise control as in the case of the  attack in Christchurch, in March 2019, which was live streamed on Facebook though after the event,  FaceBook tightened rules for live streaming .

After this incident, 31 countries and several tech companies came together to form a pledge called the “Christchurch call”  initiative.  India also is a signatory. It is believed that Zoom has also joined this pledge  in 2020.

Since  Microsoft Teams and other technologies are also in use in schools for online education, the need to have moderation of live streaming is also relevant in certain circumstances.

The Christchurch call for action was an initiative which which included voluntary commitments from Governments and online service provdiers intended to address the issue of terrorist and violent extremist content online and to prevent the abuse of the internet.

We must remember that all terrorist activities are also considered freedom movements or religious commitments by the section of people who are called terrorists. Hence there will always be differences of opinion whether an act is “Terrorism” or “Religious Action”. In between these two extremes there will be the “Freedom of Speech” protagonists some of whom have a leaning on one of these sides or their own political agenda to try and create mis representative narratives. It is this mis representation from the digital media that this Intermediary rules try to addrss.

As regard live streaming, it is news and it is the journalist who has to show maturity and  discretion. It is also part of the fact which the reporter may not know and hence some events may get broadcast unknowingly.

What needs to be regulated however is the “Conspiracy” and “Planning” to commit a terrorist activity. The Disha Ravi incident in which it is reported that a Zoom meeting was held to discuss the “Terror Plan” is an example of what may have to be regulated.

However, in such cases, it is difficult to blame the intermediary except if the title of the meeting gave any clear indication about the intention. We have discussed this in the past in the case of Bazee.com case whether the title “DPS MMS Video” which was the video sought to be sold in the platform which was the “Obscene” content on the basis of which action was taken against the executives of Bazee.com under Section 79. (2004-2008)

See here for more details on bazee.com case

Under the laws Intermediary is defined in Section 2(w) of the Act and the streaming service provider may come under this definition. However, their “Due Diligence” is in ensuring that a proper Privacy Policy and Terms are provided for the guidance of the user and ensuring that the identity of the owner of a streaming video can be shared with the law enforcement. They may not do a KYC but should be able to collect both declared information such as the e-mail address and physical address but also the meta data such as the IP address at the time of registration.

The 180 days data retention rule may also be applicable to the platforms.

However, the streaming video publishers are like the You Tube. They are the platform used by the other publishers. In the case of You Tube, they become the “Curated Content Publishers”. But the Zoom and others donot “Publish” subsequently and hence donot become the “Media”.

At best the role of Zoom etc will be like a CCTV camera which faithfully captures and broadcasts to the server and may capture events which need to be regulated. But here the platform is a “Pure intermediary” like an ISP and hence the “Social Media” responsibilities donot adhere to them.

The platforms Zoom etc therefore need not to be worried about the new Intermediary guidelines. Also sharing such Videos or content within a community of employees etc may not come under the definition of “Publication”  since no “Public” is involved. Hence the entire set of responsibilities donot apply to the Companies. However, if the content is leaked out to the outside world and creates problems (eg when Whats App messages are forwarded to outside of the original group) the person who was responsible for making a controversial content public should bear the responsibility and the company should be in a position to identify such a person through the meta information about viewing, recording and downloading etc.

(This debate may continue.. Comments are welcome)

Naavi

 

Print Friendly, PDF & Email
Posted in Cyber Law | Leave a comment

If Police or the Magistrate cannot understand the law, donot blame the law

On 25th February 2021, the Government of India notified a landmark set of rules under Section 79 of Information Technology Act 2000 (ITA 2000) called the Information Technology (Intermediary Guidelines and Digital Media ethics Code) Rules 2021.

Since the regulation is against the “Digital Media” it is a sensitive regulation which will definitely be opposed by the media and the Government would have to face the allegation that this in attempt to muzzle the Press.

We already have the Maharashtra Police under the Shivasena Government behaving like a mafia against the Republic TV, Ms Kangana Raut, a Retired Naval Officer, the BARC officials etc completely discrediting the police force in the entire country by misapplying law to serve political masters. In 2012 it was again the Maharashtra Police who arrested two girls from Palghar which eventually led to the scrapping of Section 66A.

Now a Manipur Magistrate appears to have committed a blunder which will discredit the new notification and strengthen the voice of the opponents that the notification can be misused and hence should be scrapped. It is possible that just as in the case of Section 66A, even the Supreme Court did not identify that the Palghar girl’s arrest was not because of the Section 66A being anti constitutional but because the local police made the mistake of invoking the section when it did not apply to the given context. The fact that all Courts including the Magistrate’s court which committed the two girls to judicial custody for 15 days, the Mumbai High Court and also the Supreme Court failed to recognize that Section 66A applied to “Messages” and not to “Publications” like Facebook or Twitter and proceed to scrap it ostensibly to uphold freedom of expression.

The Manipur magistrate’s order which is reproduced below indicates that the Magistrate has failed to appreciate the objective of Section 79 of ITA 2000 and the subject notification.

The Wire.in has promptly highlighted the issue of the notice .

Though it appears that the notice was subsequently withdrawn, it is clear that the Magistrate had not applied his mind before issuing the order.

It must be realized that Section 79 of ITA 2000 is not an independent penal section of ITA 2000 and no body can be punished or fined solely for being in violation of Section 79 or its rules. Section 79 is a Safe harbor section which says that if an Intermediary has committed any offence, it can claim protection as provided in the Section 79 and the rules.

Hence the notice is ultra-vires the powers of the Magistrate and it had no value. Withdrawal of the notice was therefore correct and meant to limit the damage to the publication to which the notice was issued but cannot prevent the damage to the reputation of the lower judiciary.

The publication has rightly indicated that it may take legal action against the Police and the DM for harassment.  A similar action against the Maharashtra Police is long overdue and this case may trigger similar action against the Shivasena Police also.

This is however not a Section 79 issue or the issue that the notification is curbing the “Freedom of Speech”. The issue is that our Police and the lower Judiciary donot know the law correctly and mis apply the law routinely. Action should therefore be taken against those who are responsible for educating the magistrates, the Police and the Public Prosecutors.

This education also has to happen through the media only. Hopefully the journalists will understand the law properly and ensure that mis-information is not spread on what the law is not.

Naavi

Print Friendly, PDF & Email
Posted in Cyber Law | Leave a comment

The New Digital Media Regulation and the New Media War

The Government of India is trying to fight the Information war with the Twitter which had started the Greta-Disha Attack on the Integrity and sovereignty of India. It was unfortunate that the ASJ hearing the bail pleas of Disha Ravi did not consider the organized campaign culminating in the attack on Red Fort as not a “Conspiracy” even at the prima facie level and let the accused free. This may result in the continuation of the assault with greater vigour in the coming days.  The situation is similar to what the Indian army might have faced in 1962 in the Chinese front with Jawaharlal Nehru holding the Indian army back and subsequently in the J&K front before the current regime showed the courage to fight the enemy with tact and force.

In a bid to defend the Information border of India, the Ministry of IT and I&B jointly have launched an operation to bring some regulations on the digital media which can rightly be called similar to the surgical strike of the Indian army on terrorist hide outs. Just as the surgical strike of the army was a controlled attack on specific elements and did not escalate into a war, this Information counter war fare is also a selective counter attack which was necessary and has to be controlled with checks and balances so that it does not get misused.

In the current context in India we are not surprised that every  major decision of the Government will be questioned in the Supreme Court and we have reached a situation where we will not be surprised if some body files a PIL on why Mr Modi took Covaxin dose and publicized it.

The so called “Media” has become so irresponsible and biased that they are inviting this type of regulation. The way Twitter management refused to honour the directions of the Government of India was an alarming sign which could not be ignored by any self respecting nation.

If the Government does not take action now, just as the opposition cried that the Government had ceded land to China along the LAC and the media was harping on such unimaginative narrative, the Government would have been termed weak.

Now that the notification has been finally issued a new war of words have started with one  part of the media raising their campaign that the notification is anti democratic etc. Contrary to what some journalists are complaining this notification for “Intermediary Regulation” which includes the tracing of the origin of a message was proposed in December 2018 itself and put in back burner because the Government did not have the courage to take on the criticisms. The Media regulation part may be new but it is just a replication of the print and TV regulation into the digital media regulation. Hence there should be no reason to say that this notification was done secretly. The Twitter incident could have strengthened the resolve which was absent in the past.

We need to react positively

While Naavi.org has reacted to the notification with a service “Digital Media Compliance Guidance Center” to help small and medium digital media publications, the larger organizations may oppose even the “Self Regulation” and continue to fight for what they call Press Freedom which has today become “Freedom to sell news for money”.

Let us not forget that Greta Thunberg and Rihanna were allegedly paid large sums of money to post a few lines on Twitter and such supporters may have larger funds to support the friendly journalists who can sell their souls. The OTT platforms have been using soft and hard pornography without any control besides using content in motivated serials and films to meet nefarious designs which are anti national.

The media as we see today is no longer the “Free and Fearless Ramnath Goenka Indian Express of the Emergency times”.  It is a commercial organization which makes money by advertisements and soft porn besides paid articles and even editorials. This tendency is seen more in Digital Media though it started from the Print and TV media. The Print and TV media already have regulations and what has now happenned now is that a similar regulatory system has been proposed even for the Digital Media where it is more required.  However some part of the media which is used to commercialization of news are perturbed that now they will be accountable for what they publish in the digital media.

The Hindu has come up with its long editorial and the senior journalist Mr Shekar Gupta in his You  Tube channel made an extensive reference to it in one of his recent publications. Others have come up with their own criticisms, some of which are indexed here.

These channels did not raise their voice when Naavi.org pointed out how You Tube was blocking Praveen Mohan because they thought he was posting content about “Temples” or the “String” channel which posted a critical video on George Soros and exposed the conspiracy of the Twitter-Disha-Greta-Rihanna gang.

Hindu has long converted itself into an Anti-Hindu Propaganda vehicle and it cannot be expected to react to the Praveen Mohan or String channels. But Shekar Gupta is more balanced in his channel and I would like to see if he can react even now on the YouTube hypocrisy in blocking Praveen Mohan and String.

Let me take a few of the points raised in some of these critical articles and give my perspective.

Neither the Hindu nor Mr Shekar Gupta can oppose the introduction of “Code of Ethics” or “Self Regulation”. Hindu concedes “While there is not much that is wrong with the Code of Ethics per se, ” but introduces the “Yes, But Game” by stating “what is problematic is that it will take little to bring this regulatory mechanism to vicious life.”

This speculation is fine and all of us have to move to ensure that this is not misused by any Government more so if a Government of the type we have in Maharashtra is in power. But Hindu has to be non partisan to be able to make comments of this nature since it has lost trust as an independent journal.

The rules want a “Grievance Redressal Mechanism” to be put in place which is similar to the current practice of some media having “Ombudsman”. There is a Press Council already and Cable TV regulations which have been accepted by the industry. Then it is difficult to understand  this ” Kolaveri”  when it comes to Internet media.

Hindu says that the new rules have increased compliance burden for social media platforms. So What?.. After GDPR came in was there no increased compliance burden on the industry because of “Privacy”? Now after the PDPA India will there not be an increased compliance burden on the data processing industry?… Should they complain that it is not the responsibility of the commercial IT industry to protect the human right of “Privacy”?. Why should there be a special privilege to the Media?…after they have become paid stooges of international Information terrorists?

Mr Shekar Gupta was largely balanced in his views but still had a complaint about the Level III regulatory mechanism involving the Oversight system at the ministry level.

But this Level III mechanism comes only after the failure of the Level I which is entirely under the control of the publisher and Level II which is a self regulating body set up by the industry itself. Under Level III, there would be an Authorized officer and a Committee to “Recommend to the I&B Secretary”. Finally if it is considered necessary and expedient, an action can be initiated which of course would be subject to judicial oversight as well.

Today there are many advocates who are willing to take up PIL for trivial issues and there would be no dearth of legal support to the journalists who may be unfairly charged by the Government.

It must be also remembered that the powers which result in removal of content is basically vested with the Judiciary and where it is used by the Authorized officer or the Government, it is only in cases where exceptions are available under article 19(2) and some Child abuse and Obscenity issues.

Hence the objections of the media are knee jerk reactions and should not disturb the Government. The Supreme Court will eventually adjudicate on this issue and at that time, it should not be swayed by the “Media Pressure” and act independently in the interest of the Indian public.

This debate will continue. But we are looking forward to the notification of the Authorized official and the procedure for setting up of the Self Regulatory body-Level II. Naavi.org would invite the responsible digital media to support the move of this regulation since it will help serious professional journalists to stay in the field and weed out fly by night operators.

Naavi is organizing awareness programs to enable small and individual journalists to organize themselves and remain compliant. One such webinars will be held on 3rd March 2021 as part of the Jnaana Vardhini Program of FDPPI.  Any group of Journalists interested in availing this opportunity may contact Naavi.

Naavi

 

The Hindu: A wolf in watchdog’s clothing” Hindu

New Government rules for OTT Content….Shekar Gupta 

Scroll.in: Why India’s new rules for social media, news sites are anti-democratic, unconstitutional

 

Print Friendly, PDF & Email
Posted in Cyber Law | Leave a comment

Digital Media Compliance Guidance Center (DMCGC) set up by Naavi.org

With the notification of the new Intermediary Guidelines 2021 (Information Technology [Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021] notified on 25th February 2021, the Digital Publication scenario in India has changed substantially.

It will take some time for the full impact of this Surgical strike by the joint operations of the Ministries of IT and I&B to sink in to the industry.

The changes will affect all the large Intermediaries like Twitter, FaceBook, YouTube, WhatsApp, Telegram etc., the emerging Indian companies like Koo, Tooter, Arattai, as well as a number of YouTube Channels such as Shekar Gupta’s Channel , The News Minute  or other similar channels. The OTT Channels such as HotStar, ZeeTV, JioTV etc will all be coming within the provisions of the guidelines.

The compliance requirements in principle applies to any digital publication which has News content and therefore applicable to many blogs though by virtue of a smaller exposure they may not be coming directly under the definition of the “Significant Social Media Intermediary” or a “Publisher”.

The compliance requirements are not simple and will also need to incorporate a Grievance Redressal Mechanism.

Naavi has been operating the ODRGLOBAL.IN which is an online grievance redressal system and is ideally suited to be adopted for the requirements of this type. Naavi has also been engaged in ITA 2008 compliance as well as Personal Data Protection Compliance (GDPR, Indian PDPA etc).

Recognizing the needs of the Digital Media Publishers, Naavi has launched a new service namely “Digital Media Compliance Guidance Center” (DMCGC).

DMCGC will provide compliance consultancy to enable organizations maintaining news websites and news apps to maintain compliance as envisaged under the rules.

Non Compliance of the Intermediary guidelines would be like exposing the media organization to a volley of AK 47 bullets without as much of even a shirt to wear on, let alone a bullet proof vest.

The service would be provided through Ujvala Consultants Private Limited the Techno Legal compliance consultancy company.

Interested persons may contact Naavi through e-mail

Naavi

(More information will follow)

Print Friendly, PDF & Email
Posted in Cyber Law | Leave a comment