Cyber Crime observers are well aware of “Nigerian Frauds” where people from Nigeria cheat persons globally on false allurements. Exporters to Nigeria are aware from times immemorial that remittances from Nigeria are unreliable. Bankers refuse to finance exporters for exports to Nigeria.

Now it appears that Hong Kong is also becoming a country like Nigeria where criminals are opening bank accounts to commit frauds on the global netizens.

In one of the cases reported in India, an importer has been lured to transfer money due to the Chinese Company to an account in Hong Kong which happenned to be a fraudulent account.

It is also reported that Hong Kong is trying to develop “Secret Banking” on the Swiss Banking model so that tax evaders and criminals in the world can now switch their Swiss Bank accounts to Hong Kong.

In view of the above if any remittance is sent to a bank in Hong Kong, the remitter may find it very difficult to recover the money through normal legal course.

I therefore urge Reserve Bank of India to send an advisory to all Banks that any remittances to a Bank in Hong Kong should be subjected to a check on the authenticity of the recipient. The receiving Bank must give an undertaking that any customer recipient of a remittance from India is not a criminal and the remittance is not part of money laundering.

Naavi

I refer to my earlier article on “Risk Appetite” where I had highlighted the fact that many managements are unaware of risks and hence keep on consuming the risks until one day it is too late to correct.

CISO s by virtue of their exposure to threat environments may try to keep their managements informed from time to time the need to undertake “Risk Assessments” and initiate “Risk Mitigation” efforts. But often in organizations which have a low Information Security awareness, CISO even if one such designation exists may not have adequate authority to reach out to the top management. In many organizations there will be only an IT Manager and no CISO. Only if the IT manager has adequate security exposure, he tries to bring it to the notice of the management the need for a risk assessment and initiate some action leading to Risk assessment.

In this context when the need for Information Security is presented as a “Legal Compliance” mandate, the possibilities of the top managements understanding the implications are higher. If the Chairman is made aware that he may personally go to jail if adequate security is not in place, then only the Board of Directors will call for a presentation from the IT head on the need for creating a Information Security department and proceed further.

The path to Information Security implementation is therefore through the fear of legal consequences. This needs to be communicated to the top management through various means to kink off the IS process.

Even after this, before the top management can agree to an Information Security program, they need to be aware of the compliance requirements and consequences of non compliance. Hence building the “Awareness about Legal aspects of Information Security” often becomes the starting point for Information Security in an organization.

It is for this reason that the undersigned often recommends that the IT department may organize an “Awareness Workshop” for top management before even discussing the details of what is the Risk assessment program, how much it may cost, how long it may take and what benefits that the organization may expect.

This “Information Security/Assurance Feasibility Workshop” is one of the services that the undersigned has proposed to help the CISOs break the barriers of communication.

I hope more and more companies will opt for such a workshop which is a low cost investment before they take the decision to proceed further.

Naavi

The power to pardon which the President of India and the Governors are empowered to exercise under our constitution have come for a debate in the context of Sanjay Dutt being convicted by the Supreme Court of India.

A good review of the provisions of the law is available here: http://www.lawteacher.net/administrative-law/essays/power-to-pardon-an-analysis-law-essays.php

For the general information of the public, I am reproducing the two articles of the Constitution that provide powers to the President and the Governor.

Article 72 : Powers of the President:

(1) The President shall have the power to grant pardons, reprieves, respites or remissions of punishment or to suspend, remit or commute the sentence of any person convicted of any offence—

(a) in all cases where the punishment or sentence is by a Court Martial;

(b) in all cases where the punishment or sentence is for an offence against any law relating to a matter to which the executive power of the Union extends;

(c) in all cases where the sentence is a sentence of death.

Article 161 : Power of Governor to grant pardons, etc, and to suspend, remit or commute sentences in certain cases:

The Governor of a State shall have the power to grant pardons, reprieves, respites or remissions of punishment or to suspend, remit or commute the sentence of any person convicted of any offence against any law relating to a matter to which the executive power of the State extends

However the orders if any are subject to Judicial Review as per the following Supreme Court decisions.

In Swaran Singh v State of U.P. [10] , the Governor of U.P. had granted remission of life sentence awarded to the Minister of the State Legislature of Assembly convicted for the offence of murder. The Supreme Court interdicted the Governor’s order and said that it is true that it has no power to touch the order passed by the Governor under Article 161, but if such power has been exercised arbitrarily, mala fide or in absolute disregard of the “finer cannons of constitutionalism”, such order cannot get approval of law and in such cases, “the judicial hand must be stretched to it.” The Court held the order of Governor arbitrary and, hence, needed to be interdicted.

In the early case of K.M. Nanavati v State of Bombay [11] , Governor granted reprieve under Article 161 which was held unconstitutional as it was in contrast with the Supreme Court rulings under Article 145.

In a landmark judgment Epuru Sudhakar & Anr vs Govt. Of A.P. & Ors [12] , it was held by the Supreme Court that it is a well-set principle that a limited judicial review of exercise of clemency powers is available to the Supreme Court and High Courts. Granting of clemency by the President or Governor can be challenged on the following grounds:

The order has been passed without application of mind.

The order is mala fide.

The order has been passed on extraneous or wholly irrelevant considerations.

Relevant material has been kept out of consideration.

The order suffers from arbitrariness.

Now that Mr Sanjay Dutt has said he will not apply for pardon, and Mr Katju insists that he will do so, the issue of whether a third party can apply for pardon will also come for discussion. In either case the review would be possible if any person either Mr Subramanya Swamy or Mrs Abha Singh files a review petition.

We are all aware how the Governors of different States are appointed. The position is occupied by hard core politicians who some times return to politics after a stint as a Governor. In such cases, granting them powers to overrule the Supreme Court judgements is very very dangerous. So far the only pardons that are being discussed were remission of death sentence and converting them into life sentence. This had some logic. But what is being discussed now is whether a prison sentence of 3 years and 6 months should be cancelled. If this is allowed then there would be no respect for any Court judgement and all the politically strong criminals will be able to get the support of politician Governors and escape punishments given to them by Courts after years of prosecution.

Such pardons will not be of any use to common people since it would only be used by politically powerful persons. Persons like Raja Bhayya or even Kanzimoli (under DMK Government in the State) can never be punished.

The provision of pardon is therefore not to be exercised without a very stringent control mechanism. The best option is to develop a public referendum if a suitable mechanism is in place (possible in the Netizen world). In the case of Sanjay Dutt type references which is closely related to “National Security” the state Government alone (in this case Maharashtra) should not have a say. Hence a referendum should be conducted by the same collegium that elects the Indian President which includes the MLAs/MLCs of all the State Government before any executive action is contemplated. Mere advise of the State Cabinet should not be considered acceptable.

Subsequently the decision should be subjected to mandatory review at Supreme Court before the terms of pardon are taken cognizance of.

Hopefully some of these points will be discussed in detail in the coming days.

Naavi

Naavi has developed a charter of demand on behalf of the Netizens of Bangalore in the context of the forthcoming polls.

Details are available at http://www.aifon.org.in/wp/?p=87

The essential part of the demand are:

1. Recognize the existence of Netizens as part of the voting Citizens by providing a “Digital ID” to every Netizen of India with which he can participate in e-Governance in a manner that the law of the land will recognize. For this purpose every Citizen who opts for Digital ID should be given a free Digital Signature Certificate as per the provisions of ITA 2008 of the class that enables him to digitally sign e-mails. Higher class of digital certificates if opted for should be subsidized by the Government.

This move will build the basic infrastructure for the Netizens to participate in activities through which they can assert their democratic rights.

Details

2. Recognize and the fact that Netizens have their own Infrastructural needs and develop a “Netizen Welfare Policy” for the State which incorporates projects that move towards providing “High Bandwidth Internet Connection” at an affordable cost just like water and electricity.

Details

3. Recognize the fact that Netizens have their own security needs and develop an effective Cyber Security policy for the State and implementation program towards making Karnataka a “Safe Cyber State”.

During the regime of Mr Yeddyurappa as Chief Minister of the State a statement was made that measures will be taken to make the “Cyber Security Capital” of the world. Towards this cyber security projects of various kinds including education, research, software and hardware development etc were envisaged to be taken. The measures include making Cyber Crime Police more effective, reducing the adverse impact of cyber crimes on the society with better security, better prosecution and provision of Cyber crime insurance.

This promise remains unfulfilled and needs to be revived.

Details

4. Recognize the fact that during the last two years, Cyber Judicial System in Karnataka has been closed with the IT Secretary who is also the Adjudicator of Karnataka and an exclusive judicial authority equivalent to a “Civil Judge”, effectively refusing to discharge his duties as an “Adjudicator”. This has made Karnataka the “Most Backward Cyber State of India”.

This needs to be corrected on a priority.

Details

5. Recognize the fact that Netizens have a right similar to “Human Rights”. Protection of Netizen’s right to “Freedom of Expression” and “Privacy” are matters that require urgent attention. Measures are required to be taken at the local level to develop such policies that protect the rights of Netizens without adversely affecting the requirements of the security of the state or the possible misuse of the freedom of expression.

Towards this requirement, a “Netizen Rights Commission” has to be set up at the State level and policies of “Regulated Anonymity” and “Responsible Cyber Expression” to be implemented.

: Details of Regulated Anonimity  Details of Privacy Protected Zone

6. Recognize that Netizens are also “Consumers in Cyber Space”. In order to adequately recognize the “Consumer Rights of Netizens”, there is a need to expand and introduce effective implementation mechanism for protection of “E Consumer Protection” through a state legislation that covers consumers of mobile services, internet services, cyber cafes etc.

A large number of E Consumers are customers of E Banking, E Stock trading, E Commodity trading etc where the incidence of frauds is very high and the relative protection is low.

A separate institution should be set up for “E-Financial Consumer Protection” to provide assistance to victims of Cyber Frauds in the financial sector. This will be particularly useful to the Cooperative banking sector which functions under the State regulations more than under the RBI.

7. Recognize the power of “Cyber Education” and extend “Virtual Education” facility to all students upto X standard across the State by setting up “Centralized Cyber School” with a pool of state’s best teachers to contribute content which can be distributed through the internet to remote areas where there is acute shortage of qualified teachers.

In order to ensure implementation of the above suggestions, monitor and review the developments as also to suggest corrections and new activities, the State should set up a “Standing Committee” under the leadership and participation of voluntary organziations such as BPAC.

Most of the above issues have been discussed in naavi,org over a period of time. However some clarifications as may be required will be placed in future posts.

Naavi