IDBI Bank held liable in Phishing Case a-la Umashankar Vs ICICI Bank

The adjudication complaint of S Umashankar Vs ICICI Bank was a historic case in which the Adjudicator of Tamil Nadu, Mr PWC Davidar held that ICICI Bank is liable for negligence despite the phishing mail having been answered by the innocent victim.

This decision of the Adjudicator was challenged by ICICI Bank in the Cyber Appellate Tribunal and on 10th January 2019, the TDSAT to which the Cyber Appellate Tribunal was merged into in 2017 delivered it’s judgement upholding the Adjudicator’s verdict and rejecting the appeal of ICICI Bank.

Now in yet another case, TDSAT has upheld the Gujarat Adjudicator’s decision to hold the Bank responsible to pay compensation.

Refer the judgement here: Cyber Appeal 7 of 2013 IDBI Bank Vs Sudhir S Dhupia

This was an ex-parte order

It was interesting to note that the hearing was ex-parte and the victim got justice despite his inability to be present during the hearings . The TDSAT must be specially commended for this decision since justice was upheld without the necessity for the victim to explain to the Court that he was a victim and needs justice. If all Courts adopt this sort of stand, the Judicial system in India will come to be respected far more than at present.

Some Courts which swear on formalities need to take a fresh look at their procedures and make justice more easily accessible to the common man.

The Judgement quotes the precedence of Umashankar Vs ICICI Bank

It was interesting to note that the judgement made a reference to the Umashankar Vs ICICI Bank case both the adjudication verdict and the TDSAT’s own verdict. (Cyber Appeal 1/2010).

Other Banks should take note of such judgements and withdraw their cases against the hapless customers who cannot pursue expensive litigation to fight for their justice. Banks have public money and they are wasting their money on continuing the litigation. Banks are also ignoring the RBI guideline that RBI has given that they need to  have Cyber Insurance cover and use it such cases of third party frauds.

While looking at the negligence under Section 43 and 43A, we need to also draw the attention of the public on the Kerala High Court judgement in the case of SBI vs P V George which has been discussed earlier here where the Court has held that even not responding to the SMS alert cannot be held against the customer for denying reimbursement for such frauds.

We can also draw the attention to the following news report which reports a fraud in

Mangalore, Karnataka, where the customer has lost money even without sharing OTP or answering the Phishing mail. This highlights the fact that such frauds occur because of an inherent security flaw in the Banking system which includes the insider involvement in the frauds.

Hence Courts should take note of the increased level of security expectation on the Banks and ensure that customers who are victims of the insecure banking practices are not made to suffer the loss.

I request the Finance Minister Mrs Nirmala Sitharaman and the RBI Governor to advice the Banks to withdraw all cases of similar nature in which they are continuing to litigate with the use of public funds.

I also request shareholders of these Banks such as ICICI Bank, SBI, HDFC Bank, PNB, IDBI Bank etc., to question the boards as to why they are continuing the litigation and not settling the victim’s claims immediately.


Print Friendly, PDF & Email
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.