Header image alt text


Building a Responsible Cyber Society…Since 1998

Noida Police recommend Icafe Manager for Cyber Cafes

Posted by Vijayashankar Na on December 31, 2012
Posted in Cyber CrimeCyber Law  | No Comments yet, please leave one

Noida Police are reported to have mandated the use of software for management of cyber cafes. The recommended software is iCafe Manager supplied free of cost and supported by advertisement.

Though the press report suggests that the installation of software will enable compliance of ITA 2008 by Cyber Cafes, it is not clear how this is accomplished. What is perhaps achieved is only the logging in of the user’s ID in replacement of the manual visitor’s register since all users would be enrolled first as members.

The move is however a step in the right direction as it enables collection of evidence in case of misuse of the cyber cafe facilities.


The Cyber Law scene in India during 2012 was dominated by the discussions of Section 66A. The rules notified under sections 43A and 79 which held center stage in 2011 also continued into 2012. The end of the year however was however completely clouded with the issue of the brutal rape that occurred in Delhi which shook the consciousness of all Indians and pushed everything else into the background.

However let’s briefly review the major developments of 2012 in India from the cyber law perspective looking through the footprints at Naavi.org.

1. Karnataka Reduced to a State with “No Cyber Law”

The year began with the scandolous adjudication verdict from the Karnataka Adjudicator in the complaint of Gujarat PetroSynthese Vs Axis Bank. In a verdict which stirred the consciousness of the numerous victims of Cyber Crimes in the country, the learned Adjudicator Sri M.N.Vidyashankar decided that “No Company Can invoke Section 43 of Information Technology Act 2000 as amended in 2008 (i.e: ITA 2008)? and “No Company can be named as a respondent under Section 43 of ITA 2008”.

The decision was based on the wrong interpretation that the word “Person” used in the section should be restricted to mean only an “Individual” and cannot extend to legal person such as a “Company”. The adjudicator failed to review his decision even when it was brought to his attention that the General Clauses Act clearly defined that a “Company” comes within the meaning of the word “Person”.

This decision though considered incorrect will have limited precedence value until it is reversed by a superior judicial authority.

However since the Cyber Appellate Tribunal (CAT) remained without a Chair person through out the year, the matter is still under appeal in CAT. As a result Karnataka derived a dubious distinction of being a State where there is no remedy for Cyber Crime victims as envisaged under Section 43 of ITA 2008. Since Section 43 also defined provisions of Section 66, the interpretation has virtually made Karnataka a “Cyber Law Less State”.

Though the matter has been brought to the attention of the Chief Ministers, and the Law Minister of the State as well as the Chief Justice of Karnataka, no action has come forth to correct the situation.

Hopefully a PIL which may come for hearing in 2013 in Karnataka High Court may help settle the issue.

For the Netizens of India, the lack of Cyber Judiciary at the national level (CAT) for more than 18 months and abdication of Cyber Judicial authority in Karnataka are matters as grave as the Nirbhaya issue.

2. Un Safe E-Banking in India

In April 2011, the RBI released a very important notification which we refer to as the GGWG notification. This RBI notification of April 29, 2011 on Information Security,Electronic Banking, Technology Risk Management and Cyber Fraud defined a complete Information Security overhaul for Banks meant to safeguard the interests of Bank customers. This was followed later by the Damodaran Committee report which further tried to strengthen the security of E Banking.

However very few Banks implemented the recommendations by the time schedule stated in the RBI circular and some of the major Banks have virtually posed a challenge to the capability of RBI to ensure its own compliance guidelines. During this year and in the following year RBI will be trying to address this issue through its inspections and trying to re-establish its authority on the Indian Banks.

In the meantime new Trojans and viruses specifically targeted at the Banks are being released into the malware market. One of the Security experts in Bangalore who tried to draw the attention of authorities to such viruses was however targeted by some Banks with threats and forced closure of his websites.

There were also several ATM frauds making the life of innocent victims miserable. Banks instead of responding to the interests of the customers went about increasing their risks by introducing mobile banking and enhancing the daily transaction limits on internet transactions without substantial improvements in security.

The current internet banking security is heavily dependent on the OTP system which has already been demonstrated as an inadequate measure of security. We need to therefore keep our fingers crossed that no major calamity falls in the Indian Banking system through new Cyber threats. At present this remains merely a hope and prayer.

Naavi has also placed before the RBI a suggestion for the introduction of the E Banking Security Guarantee Scheme to which RBI may some time in future wake up to.

Naavi continues his fight to ensure safety in E Banking in India through various means and let’s hope 2013 will result in some positive developments in this regard.

3.Section 66A/Internet Censorship

In the very beginning of the year, the blocking of the website of Aseem Trivedi, a cartoonist sparked off a debate on “Internet Censorship” in India. During the year this grew into a massive controversy regarding Section 66A of ITA 2008 finally ending with a PIL in Supreme Court about the constitutional validity of the section 66A.

Subsequently the arrests in Tamil Nadu for a twitter comment on Karti Chidambaram and the arrest of Palghar girls for their FaceBook posting on Bundh in Mumbai raised a hot debate on the misuse of Section 66A by Police.

Now there is a clamour for withdrawal of Secton 66A and a reference to Supreme Court on its validity under Indian Constitution. But Naavi strongly feels that Section 66A was never meant to address “Defamation” and its use to curb freedom of expression is an aberration coming out of misinterpretation of law by the Police either deliberately or through ignorance.

As a possible solution to the menace of Internet censorship, Naavi has suggested the concept of “Regulated Anonymity” which the society needs to consider seriously.

4. Emergence of the Information Assurance Concept

The year 2012 also marked the emergence of the “Information Assurance” concept replacing the “Information Security” Concept as a term to indicate the industry response to the requirements under the growing risks in the IT use. Naavi also identified the need for a change of his Techno Legal Behavioural science based Information Security concept with the more easily expressable “Total Information Assurance Concept”.

Ever since the Government of India summoned the major social networking companies namely Google, Face Book and Yahoo and demanded that they install a pre-publication manual monitoring system for content filtering, there has been considerable discussions about what is right, what is feasible, what is legal etc about the “Due Diligence” required to be exercised by Intermediaries under Section 79 of the ITA 2008. Naavi therefore suggested the following plan of action for Intermediaries to deal with the situation..How Do you React to a Sec 79 Notice if you are an intermediary?

Naavi also suggested a framework to define the “Reasonable Security Practices” envisaged under Section 43A of ITA 2008.

Naavi had already discussed specific Information Security frameworks for compliance of ITA 2008 by different segments such as LPOs and other IT Stakeholders. Keeping in view the international developments, Naavi developed the Information Assurance Framework For Modular Implementation to enable SMEs to gradually attain the desirable information security standards otherwise envisaged under popular frameworks such as ISO 27001 and COBIT.

In the coming days this is likely to establish a practially feasible Information Security approach in India.


Developments across the world on Information Security continue to focus on increased legislation to meet the ever growing cyber threats. EU is adopting a new Data Protection regime and HITECH act is becoming more stringent with better enforcement. Other countries are also strengthening their laws against privacy violation.

The domain of Information Assurance which incorporates Technical Security, Legal Dimensions and Behavioral Aspects which Naavi has called the “Total Information Assurance” will therefore be in the limelight in the coming year.

It is not possible to end the review of year 2012 in India without a reference to the protests that followed the gruesome rape of a girl in Delhi eventually causing her death. The spontaneous but sustained outburst of peoples’s anger on the failure of the law enforcement system to ensure safety of women in India gripped the attention of the country since December 16th when the incident happened. While the incident will be discussed in other forums dedicated to such discussions, it is important to recognize that after Anna Hazare and Arvin Kejriwal movements, the current protests which some named as “Nirbhaya protest” indicated how the social media can be mobilized to generate support for a cause in the physical world. This is a demonstration of the power of Internet to safeguard democratic traditions.

While this is a matter to be proud off, it is clear that the Government ahs also realized this power and considers it as the greatest threat to their political existence. Hence the iron-hand approach to the suppression of “Freedom of Expression” in the Cyber Space is likely to continue and we may not be surprised if more stringent restrictions are placed on the Internet expressions in India in future. The PIL before the Supreme Court on the constitutional validity of Section 66A therefore assumes a new dimension. Hopefully the Supreme Court will provide clear guidelines for the protection of freedom of Netizens. Naavi wishes that “Freedom of Netizens in India” should be an important election issue in the much awaited 2014 Loksabha elections.

We therefore end our reflections with Hope, Hope and more Hope for a better 2013 because we have no other option left.


[P.S: Kindly peruse the archives for more detailed chronicle of Cyber law developments in India in 2012]

3 Crores overdrawn on ATM cards

Posted by Vijayashankar Na on December 29, 2012
Posted in Cyber Crime  | No Comments yet, please leave one

A customer of Vijayawada branch of Indian Overseas Bank is reported to have drawn over Rs 3 crores using his ATM debit card without having balances in his account.

It is reported that a technical glitch prevented the debits made in Australia go unaccounted.

The withdrawals had occured over a period of two years and the customer has now been arrested by CBI. Details

It is possible that the withdrwals actually may constitute an overdraft granted to the customer which have to be recovered after due notice. Though the customer may be accused of “Bad faith” charges of “Cheating” or “Fraud” may be challenged.


New Andorid Malware

Posted by Vijayashankar Na on December 29, 2012
Posted in Cyber Crime  | No Comments yet, please leave one

If you suddenly see a “Google Play” icon on your Androiod phone, beware that it could be the act of a new virus.

If you click on the icon you may go the genuine Google Play store so that you may not realize that this is a malware.

In the background the malware will work as a DDOS agent and sends out information about your device to a Command and Control center. Subsequently the command and Control center will establish a line of communication through messages to control the activities on the phone.

The trojan may use your phone to either launch a DDOS attack or to send out messages. Needless to say that you will be paying the cost of such malicious messages and also open ypurself to the charge of a Cyber Crime activity.

Be sure that you have an effective mobile security working in your phone to mitigate this risk. More Info


In the Delhi gangrape case it is reported that one of the accused is a 17 year old boy. By virtue of being less than 18 years of age this person is expected to escape punishment that he rightly deserves. This needs to raise the issue of whether our law regarding defining “Minority” needs a review.

In the current age, several things have undergone a change. It is well known that the exposure of today’s youngsters are wider than in earlier times. There is a demand for sex education in the high schools. In Computer knowledge there is no doubt that todays sub teens are actually mature adults in terms of computer knowledge.

In view of the changing times both in terms of Cyber Crimes as well as other crimes there is a need for reducing the age of attainment of majority from 18 to at least 16. More appropriately “Attaining Majority” can be linked to the context. For example, while today’s boys can be considered as “Majors” for most legal purposes at the age of 16, in respect of Cyber Crimes there is a case for reducing it still further. However since some research may be required to fix different age limits for attaining majority for different purposes, 16 years can be considered as an immediate desirable level at the present times.

In US for several aspects 16 years is the age at which a person is considered as an “Emancipated Minor”. Similar concept should be tried in India also.


Adverse effect of Computer Games on the society

Posted by Vijayashankar Na on December 28, 2012
Posted in Cyber CrimePrivacy  | No Comments yet, please leave one

The barbaric incidents of sexual violence seen in Delhi recently has raised a question on the effect of Bollywood, TV and Computer Games on the psyche of people and whether they are contributing to the growing violence and sexual assaults in the society.

There have been some discussions on the Twitter and on the TV in this regard in the last few days. Some of the Bollywood celebrities including Ms Sharmila Tagore tried to defend the current trends in Cinema where women are shown in a highly degrading manner on the screen as a natural development because of commercial considerations. They also tried to say that even in the 70’s the every movie had at least one rape scene and there was no corruption of the society as we see today. Hence they expressed a view that Bollywood cannot be blamed for the current status of women in cities like Del

Ms Kiran Bedi on the Twitter has drawn attention to a scientific survey on the impact of violence on TV and Movies on the viewing public. The details of the study are available here.

The researchers have confirmed that “when participants watched violent images, networks of nerve cells started to rapidly reorganize themselves throughout the brain: the participants’ brain function was changing in response to what they were seeing on the screen. The volunteers’ attention was reoriented, their perceptions were heightened, and their autonomic nervous system became highly active, all of which are indicative of the stress response”.

The research also stated that “When you are engrossed in watching a TV show, movie, or news footage, your unconscious sees the violent images and doesn’t know they are on a screen; your unconscious believes you are right there in the action.”

The observations made above in respect of violence on TV/Cinema screen indicates that the effect of Computer games could be even worse. Unlike the TV or Cinema, the viewers in a Computer Game actually take a role in the game and become part of the experience. Hence they absorb all the effects of the game including the desires that are associated with the character in the games. There are many computer games where the character is involved in “killing” or “Raping” other characters. One can imagine what would be the impact of such games on the society.

One of the studies on video games indicate as follows:

” teens who play violent video games for extended periods of time:Tend to be more aggressive, Are more prone to confrontation with their teachers, May engage in fights with their peers and See a decline in school achievements. (Gentile et al, 2004).” (Details are available here) There could be many other studies of this nature which may give us some kind of a link to the growing menace of female abuse in the society today.

Even if we restrict our discussion to the movies, one classical difference between the movies of 70’s and today are that in those days there was a clear distinction between the heroes and villains and the heroines and side characters. Normally the heroes were always good and it was the villain who indulged in rape or other bad acts. Similarly it was not the heroine who was subjected to violent sexual abuse but it was other less important characters. The viewers always identified themselves with the heroes or heroines and hence they were not too much involved with the bad characters or bad acts.

On the other hand today we see heroes also frequently engaging themselves in violent acts. Similarly the heroines with whom people would like to identify themselves indulge in “Item dances” which are fundamentally obscene depiction of women.

As a result, the effect of TV and Movies of today are also very negative.

I wish the celebrities of the Bollywood as well as other regional industries appreciate this view point and seriously review their negative contribution to the society in pursuance of money.



This website has been in existence since 1998.  

Older posts before the site switched to word press are available through the link at the top and here below.