Naavi.org

Naavi.org has been time and again pointing out that Bitcoins and Crypto Currencies are like the drug menace and have to be eliminated from India if we are serious about rooting out corruption and cyber crimes.

I still believe that Mr Narendra Modi is interested in curbing corruption and cyber crimes. The currency used for these illegal activities including terrorist payments is Bitcoins and other forms of Crypto Currency.

If Crypto currency is eliminated, the Dark Web will be choked of its life blood and it will reduce Cyber Crimes. If this was the only benefit of curbing Crypto currency, perhaps the MOH would have persuaded the MOF to ban Crypto Currency long time back.

But, more importantly, Bitcoin and crypto currency is the life blood of corruption in India and all the politicians, bureaucrats and even some members of the Judiciary could be soft on anything that prevents easy means of corruption and hence are happy to let Bitcoin thrive.

At one point RBI was trying to bring curbs on Bitcoins, But the Bitcoin lobby was able to get a surprising favorable judgement from Supreme Court. It provided what appeared to be a temporary technical relief which has now become a conspiratorial permission to legitimize Bitcoins.

Since then, RBI also has gone silent. The draft bill for regulation of Crypto currency is gathering dust in the MeitY . The message to the public is clear. Corruption wins against even Mr Modi.

I have been trying to bring to the notice of Mr Modi as the last hope to take action in this regard but so far, there is no reply or even an acknowledgement from PMO or the PM.

I suspect that any postings made in the PMO website is filtered and it is not reaching Mr Modi.

Unless Mr Modi takes steps to be able to listen to the public without the coterie deciding what he should see and what he should not, this matter will not get his attention. In the meantime, there are attempts for Banks to get deeper into handling Bitcoins since every body including the Bank Chairmen are happy to support the “Currency of Corruption”.

Waiting for A Miracle

I wish that  there is a miracle and Mr Modi turns his attention on Banning Bitcoin.

Let  God give strength to Mr Modi to take this decision which will surely be a decision harder than launching an attack on China across LAC.

I request any of the viewers of this post including the intelligence agencies who should be monitoring this blog, to bring it to the notice of Mr Modi so that he can once for all clarify whether he has the courage to block Bitcoins and crypto currencies in India or he is too afraid to take this decision.

Once a clarification is received from Mr Modi one way or the other, people like us can  drop our hopes and devote our attention to other things.

Naavi

It is interesting to note the news report in Republicworld.com which states that Quora has disabled the account of “True Indology” classifying one of its posts as “Hate speech”.

The post has been reproduced here:

“After the partition of India, Owaisi’s party MIM praised Jinnah and invited him to their annual conference in 1947. Even Nizam of Hyderabad praised him to skies and publicly declared that Jinnah was the greatest Muslim politician. Following were the words used by the Nizam of Hyderabad for Jinnah .’Dear Jinnah, please come to our annual session Majlis Ittehadul Muslimeen. Hyderabad looks to your support. You are a life-giver to the whole Muslim community. You are an untiring warrior to the cause of Islam,” 

To any independent observer, the post does not seem to have any hate content. Perhaps for Quora, the words “Owaisi”, “Jinnah”, “Islam”  are key words which the AI algorithm uses for classifying hate content.

The incident indicates the inadequacies of AI for content screening and the lack of human oversight.

We may recall that some time back we highlighted that YouTube deleted the account of Mr Praveen  Mohan  who is an independent researcher who has done studies of temple architecture across the globe and points out observations linked to science and mythology. Some times he makes reference to the oldest civilization on earth which unfortunately happens to be the Hindu civilization. He therefore makes references to Ramayana, Mahabharata etc.  This account has since been restored by You tube.

But the two incidents indicate how the Social media groups err in content filtering by making any information on Pakistan from India as “Hate Speech” and any reference to “Temples” as “Inappropriate content”.

I hope Quora will admit its mistake and restore the account of True Indology with an apology.

The report suggests that Quora belongs to the Twitter group. We have indications from the past that Twitter management is controlled by Pakistan sympathizers and probably the moderators of Quora also have tuned the AI algorithm to be Pakistan sympathetic.

If Twitter and Quora chose to take the Pakistani side in launching an information war on India, they may soon find competitors developing in India and just as Chinese apps are being replaced by Indian apps, Twitter may be replaced by Koo or some other Indian app, if not completely, at least for the Indian audience.

Hope Quora will realize its mistake and correct it. I look forward to their press release on republicworld.com.

Naavi

In a bid to appear non partisan, the Joint Parliamentary Committee (JPC) on Personal Data Protection Bill 2019, has invited not only the industry associations but also many individual foreign technical giants to depose before itself. If Amazon, Twitter, Google, FaceBook or even VISA etc are invited to depose, it is more likely that the JPC will gather more views on how to dilute the Bill further rather than protect the data sovereignty of the country.

Already the PDPB 2019 is a highly diluted version compared to the PDPA 2018 and the most contentious part of Data Localization has been given up.

When the EU GDPR is moving more and more towards “Data Localization” through an imposition of the Standard Contractual Clauses, it is strange that India is providing free data transfer across the borders.

There were two major demands on the Indian Personal Data Protection law. First was to reduce the power of the Government to use personal data for carrying out its responsibilities in law enforcement and national security. Second was to ease the controls for data transfer out of India without reasonable restrictions.

The PDPB 2019 has already accepted the “Free Data Transfer” principle. Now if the Government keeps consulting all the business entities, the only suggestions they receive would be how to make the bill more friendly to business.

There is already a rumour in the Delhi circles that the business entities are entering into various deals with the Government and it will make changes to the Bill as dictated by these agencies.

We sincerely believe that the JPC will not fall into the trap of listening to the tech giants who are known “Manipulators” of public opinion.

The Current objective of the JPC is to get the law fine tuned to avoid gaffes.  A law like this will need to balance the views of multiple types of stake holders and the JPC cannot therefore satisfy all. In the end every one will have some points of dissatisfaction and it is perfectly natural.

By prolonging the decision and listening more and more to vested interests, there is a possibility that the JPC will be overwhelmed by the business views. At some point of time, some body will say, out of 100 people who deposed before the committee, 90 wanted that data should be freely transferred, 85 wanted Government not to have any rights of surveillance etc and force the Committee to make changes to accommodate the majority view. This will make it difficult to introduce decisions which are good for the country.

I would like to point out here, if the Government runs a referendum on the Indian Constitution, a majority of Indians would opt for a re-definition of the term Secularism to mean non appeasement of specific religions, caste etc. Just as the Government would not like to go by the majority in making laws of such nature, PDPB cannot be left to be decided by the majority of deponents who represent vested interests. It will be like taking a referendum in Kashmir after cleansing the Hindu population.

We therefore urge the JPC to be not too much worried about inviting every business entity to depose before it and restrict its consultation only to neutral experts in the filed.

There is a proverb in Kannada to the effect “Some body tried to create Ganesha in clay and ended up creating his father (Lingam)”. (ಗಣೇಶನ ಮಾಡೋಕ್ಕೆ ಹೋಗಿ, ಗಣೇಶನ ಅಪ್ಪನ್ನ ಮಾಡಿದರು).

Similarly, there is a real danger that the final version of PDPB may turn out to be  completely different from what it was meant to be. I wish the JPC  resists the temptation of inviting all and sundry,  prolong the proceedings and let itself to be brainwashed.

Even if the JPC holds up its commitment for an act that serves more the Indian interests than the business interests, we see the danger of some of the opponents of the Bill creating documentation to help them challenge the Act later stating that a majority of deponents had a different view and it was unfairly ignored by the JPC .

If it happens, it will be a tragedy.

Naavi

Data Breaches are happening every day exposing companies to major data disasters. When the Indian Personal Data Protection Act becomes a law in early 2021, Are we ready to meet the consequences?

FDPPI presents you an opportunity to share your thoughts on how your company is preparing for  PDPA compliance in India.

Please share your thoughts through a survey available here:

FDPPI in association with Cyber Law College is structuring specific programs to address the requirements of different types of organizations to get ready for the PDPA era in India. The survey is intended to be of use in this direction.

Naavi

Close on the heels of the Breach Candy hospital breach which resulted in the compromise of 121 million records and Dr Lal Pathlabs resulting in a compromise of over 1 million records, both of whom were neglected by the CERT IN as well as the media, an attack on Dr Reddy Laboratories seems to have been noticed more prominently by the media.

The reason appears to be that Dr Reddy labs decided to keep its operations closed in India, UK and US, until the breach is properly investigated and remedied and the stock markets also reacted to the closure.

The exact nature of the Dr Reddy labs is not known and unlike the other two cases where the access to the Cloud was reportedly compromised, by hackers, in the case of Dr Reddy’s, company’s own data centers might have been adversely affected probably by ransomware.

The spurt of attacks appear to indicate that before the PDPA becomes a law, hackers want to ensure that valuable data from the pharma industry is siphoned off. In the case of Dr Reddy’s, hands of the competitors and State Actors from China cannot be ruled out.

If PDPA had been in place, there would have been better resources allocated to Information Security/Data Protection by these companies at least in the fear of the heavy penalties. Now companies are taking it easy and hence are vulnerable.

One of the reasons why Companies tend to ignore security for the data assets is that the value of the data asset is not visible on their balance sheets. For example, according to a recent study, the price of medical records in the Dark web can be anywhere between US$250 to $1000.  (Refer here). If this is true, then the value of 1 million records is around Rs 1750 crores to around  Rs 7000 crores. If this value was seen on the balance sheet of Dr Lal Pathlabs or Breach Candy hospital, they would have easily appointed the best professional as a DPO or CISO to take care of the information security and probably prevented the attack. In the case of Dr Reddys, there could be value out of IPR more than the number of records along with the reputation loss, and business loss arising out of closure.

While Information Security professionals worry about how to encrypt, the data, manage the keys, ensure access through complex passwords or digital signatures or hardware tokens etc., we need to also look at the possible reduction of risks if the Company was aware of the value of the data they are holding.

It is therefore suggested that the Institute of Chartered Accountants and the Ministry of Finance should find a way of bringing the notional value of data held by a company into the balance sheets. For example, “Good Will” and other intellectual property rights are often brought into the balance sheet in the form of special reserves which are there on record but not available for dividend distribution. Similarly, contingent liabilities such as guarantees are brought into the books as contra entries. In either case the share holders and SEBI would be aware of the presence of the data assets in the company. The Board can ask relevant questions to the CEO whether the asset is properly secured and insured.

If this is achieved, there would be a huge improvement in the information security investments and corresponding reduction in the attacks. This has been established in studies on the Data Breach losses in companies where it is found that companies with a designated CISO have lower cost of data breaches.

The Ministry of Finance has a second weapon to reduce such Cyber attacks. This is by choking the economy of Cyber Criminals in the Dark Web and making Cyber crimes less remunerative. This can be done by banning all forms of Crypto currencies. I am aware that many administrators, politicians and even members of Judiciary are in favour of Bitcoins for their own reasons. After all Bitcoins is the best Currency for Corruption and even Mr Modi and Amit Shah think twice before attacking Bitcoins. But the long term solution to mitigation of Cyber Risks lies in banning Crypto Currencies rather than chasing Cyber Security through better Firewalls, Consumer education etc. Current approach in Cyber Security is to let the damage happen and then try to address the consequences rather than counter attack the hackers and bleed them of the reward of crime.

We hope the Government will muster enough courage one day to take Crypto currency by the scruff and destroy it for ever. It is more dangerous than the Narcotic drugs and can easily compromise every one who comes across.

I am confident that Mrs Nirmala Sitharaman, Amit Shah or Mr Modi are immune to such compromise but may still lack the will to take on other bureaucrats and politicians who may pounce on the Government together if Bitcoin is banned.  Hope Goddess Chamundeshwari will on this Vijayadashami provide courage to these three to pick up their swords and kill the demon of Crypto Currency.

Naavi

When Section 66A of ITA 2000 was used by the Mumbai Police to arrest the Palghar girls, several people objected to the arrest and claimed that there was an infringement of the right to freedom of speech. When the case went upto Supreme Court, the Court said there was a “Chilling Effect” caused by Section 66A provisions that could stifle freedom of expression and scrapped the section.

Now one is left to wonder where are the Shreya Singhals and the Supreme Court when there is an assault on the freedom of press in Mumbai where the Maharashtra Government is acting more lethal than the 1975 Indira Gandhi regime and the Mumbai Police is acting most unprofessionally.

Is Freedom of Press limited only to

opposing Section 69 notification under ITA 2000? or

opposing implementation of Aadhaar? or

opposing the notification under Section 79 for intermediaries?

Is the stifling of Republic TV channel not an infringement of the right to free speech?.

Supreme Court owes an answer for the people of India.

Where are organizations like Medianama.com who jump into action  whenever there is an  anti Modi Government issue to fight on?

Why are they silent on the assault on freedom of press in Maharashtra?.

Are they also like the Award Wapsi gang with an agenda?…

there is a need for introspection by these agencies.

While Republic might have invited the wrath of the  Government and Mumbai Police because of the intense campaign it ran and is running, why are other media vehicles in the Print and Internet as well as other channels like Times Now maintaining silence on what is adversely affecting their industry as a whole?

By treating this as a problem of Republic alone we are allowing the Mumbai Police and Maharashtra Government to use “Divide and Rule” policy.

It is a shame if Times Now thinks that it can benefit if Republic journalists are all in jail without understanding that the plight of Republic may come to them next.

NDTV and India Today may be rejoicing since they are known to consider Republic as a sworn enemy and their editorial policies are opposed to both Republic and Times Now.

If we allow Maharashtra Government to succeed in its attempt to silence Republic now,  there will be a permanent damage to the freedom of speech in India. This can never be corrected.

I would not hesitate to also blame the Central Government to have remained a moot spectator and allowed the issue to escalate.

With Maharashtra Government declining permission for CBI in the state, it appears that the Shivasena is slowly taking Maharashtra out of the federal system. In due course, it can be another troubled state like Mamata’s West Bengal .

We all expected  Mr Modi and Amit Shah to be  decisive leaders but we find that  they are failing in their handling of Maharashtra. If they donot wake up now, they will be responsible for the deterioration of law and order across the country as more states like Kerala will intensify their anti national tendencies.

Many of the professionals in the media and academy were not happy with the Arnab way of “Journalism by shouting”. But that is an issue that pales into insignificance when we talk of whether 1000 journalists of Republic be harassed with FIRs and mid night enquiries are to be conducted to extract evidence in TRP case while the post mortem of Sushant Singh Rajput is deliberately botched up.

It is time that Media as a whole whether it is Digital media, TV media or Print media raise their voice against the actions that are being taken by Mumbai Police and Maharashtra Government in the Republic issue.

Let me not mince my words. Our Supreme Court would have taken a suo moto notice  if there was a similar action against any publication or entity which is part of the  favoured lobby in Delhi. But it appears that the Supreme Court wants to keep its distance since the victim in this case is Mr Arnab Goswami and his channel, supportive of Mr Modi and BJP.

There is a perception that our constitution does not support equality  for all and has a built in bias against parts of the community brought in by the various amendments. It is the duty of the Supreme Court to correct this impression by its intervention when required. It is therefore the responsibility of the Supreme Court to act swiftly and try to assure the citizens of India that what is happening in Mumbai is unacceptable by any democratic standards.

Otherwise there is no difference between this Supreme Court and the Court of 1975 which upheld the emergency. The state of lawlessness visible in Maharashtra now, is a clear indication to the international governments to consider that Indian judiciary cannot be trusted to uphold democracy in a crisis. Just as it capitulated in 1975 to political expediency, it is again showing a tendency to abandon its duty to  pull up Mumbai Police and the Government.

If EU-GDPR authorities are looking at India for “Adequacy” or economists are looking at “Ease of Doing Business” in India they will take into account the Law and Order situation in the Country. The EUCJ judgment on Schrems II case is a clear indication that unless unfettered action of the Government and the Police on companies is not checked in law, there is no “Adequacy” under GDPR.

The international agencies may now have to consider that Maharashtra is a state in India for which the they have to assign a lower score in terms of lawful democratic governance.  As a federal Country with law enforcement being the local subject, the interference by Police is a local Government issue. Other states may claim that they are more democratic than Maharashtra and claim a better “Adequacy” or “Index of doing business” than Maharashtra.

This may mean that some States in India may be considered “Adequate” under GDPR requirement and some may not. Maharashtra belongs to the “Not Adequate Status” by miles.

I suggest that Karnataka Government may seize this opportunity, reiterate its “Lawful Governance” and claim a superior status for its Data protection status. This will enable data centers in Maharashtra processing EU data to shift its data centers to Karnataka.

If however, Maharashtra is considered part of India, the rating of India also may be downgraded and we will not have any defense.

These are long term adverse implications of the fight between the Maharashtra Government and Republic Channel. Both the Central Government and the Supreme Court have to accept responsibility for such developments caused by their inability to discipline the rogue elements in the States whether it is in J&K, West Bengal, Kerala or Maharashtra.

Naavi