Naavi.org

I recently got an invitation to the  “Pledge Portal” of the Central Vigilance Commission (CVC)  to take an integrity pledge on the following lines.

Since there was nothing in the pledge which I did not believe in and has been trying to follow for all my life, I took the pledge and was provided the certificate as shown above.

When I shared this in my professional circles, there were as expected an encouraging response from many. Some went ahead and obtained their own certificate. There were many who remained silent.

 “Do we require a pledge” to be honest?

There were a few of my friends who felt whether it is required to take a pledge to be honest?. Are we all supposed to be honest anyway?

This is certainly a valid question which we need to debate. In the Theory of  Information Security Motivation that I have been propounding, I have always accorded importance to “Obtaining an Ethical Declaration” from employees after a Cyber Security Awareness Program so as to “Reinforce the Commitment”.

We all know that many would give a written commitment with no intention of following it or with an intention which they may not be able to sustain when under some kind of pressure.

However, psychologically, it would still be beneficial to obtain the declaration and keep reminding  people of what they have committed so that they are able to re-dedicate themselves to the cause.

Similarly, the attempt of CVC to request the public to take the pledge is to be appreciated and we should encourage more people to adopt this pledge.

In the pledge it is always easier to say that “I will not take bribe”. But when it comes to “I will not pay bribe”, people get into difficulty since in many cases “Bribes” are paid out of compulsion and not out of free volition. Also many times bribes are not paid to enable unethical extra favours from the bribe receiver but only to do what the person is paid salary to do and not create a problem to the citizen where there is none. This situation has not changed even after the 7th Pay commission and increase in salaries to the Government officials. Even the demonetization has not helped since now the bribe receivers may try to recoup their past losses if any.

Such “Bribes” are “Payment under threat and coercion” and most citizens feel uncomfortable when they are confronted with such a demand but succumb to the pressures.

What CVC can do to help compliance of the Integrity Pledge

If the CVC initiative has to succeed, then there has to be some mechanism to ensure that an honest Citizen should be able to register a voluntary declaration of a “Demand for Bribe” and “Bribe paid under duress”. This will also create an evidence which will not be available for Bribe demanded unless the Bribe is actually paid.

We need to also however consider a situation where the accusation of  “Demand For Bribe”, could be false and is meant to harass an honest official. Hence the mechanism should take in to account the principles of “Ombudsman”  suggested for “Whistle Blowing Policy” in a company to ensure that an honest person is not hounded by a false complaint.

Also, law need to ensure that some body who has declared a “Bribe Demand” and followed it up with a “Bribe Paid under Duress” information should be considered as not having committed any offence under law and must be protected under the “Whistle Blower Protection” just like Press are protected under Sting operations under the discretion of the Courts.

People like us who try to help Cyber Crime victims many times need to encounter situations where such “Bribe under Duress” is acknowledged by the victims. I however add that there are many honest officials who work without expecting any bribes and the system runs only on such honest persons whose tribe should increase.

One of the reasons that I am suggesting an online system for “Registration of a Cyber Crime Complaint with automated raise of IP resolution request to intermediaries“ is to ensure that temptations for the officials to use such occasions to expect a bribe is eliminated. I am sure that this is the reason that most States have abandoned the online FIR filing system and are resisting any such suggestions.

It is now for the Central Government and CVC to consider how they would assist honest Citizens to resist the pressures from those who “Demand Bribes”.

I notice that the CVC initiative is meant only for Citizens and Organizations. I donot see any initiative for Government Employees, Police and particularly the officials of the Ministries in Center and States. For these people the pledge should be mandatory and every official should display the certificate prominently in front of their working desk so that dishonest citizens would not try to corrupt a person who wants to otherwise remain honest.

CVC should also conduct a movement in Schools and request children to encourage their parents to take the pledge and sport a badge “My Parent has taken the Integrity Pledge”.

Will CVC move in this direction?

In particular, I want CVC to demand all members of the “Committee on Bitcoins” to take the integrity pledge and disclose it to the public.

The Home Ministry should also make all Police Stations to display the integrity pledge of the Police officials in the Police Station. Incentives may be given to police stations where all the employees have taken the pledge so that we can declare that the “Entire Police Station is Pledged not to take bribe”.

Next Election Should be fought on this Campaign to remove Bribes

Mr Modi should propose that all MLAs and MPs of BJP as well as the primary members of BJP to take the pledge and display it prominently in their place of work. BJP should distribute T Shirts to its workers so that the next election campaign should run on this campaign to remove Bribes from the system.

I look forward to seeing this initiative in Gujarat, HP and in Karnataka in the coming elections.

May be those who oppose all Government initiatives for the sake of opposition may not like to be part of such an exercise and I would not compel them.

I also take this opportunity to all my friends to take the pledge and sport it as part of their WhatsApp Profile pictures so that this would attract the attention of others and motivate them to do the same.

Naavi

For the last few days, security professionals are demanding that Sans Institute should apologize for depicting a wrong map of India in one of their conferences showing POK as not part of India and for not admitting their error even when pointed out.

As this report indicates, SANS refused to remove a poster that had been put up containing the erroneous map and instead offered what could be called as promise to give some business leads to the person who brought it up.

The security community is demanding that SANS offer a public apology for the mistake which the India representatives of the Institute are not willing to do. Their contention is that the map design came from US and they were not aware of the error.

This admission is even more objectionable since this indicates that the local head of the company was not able to recognize the distortion of the map because he was perhaps not aware of India and its current and past history. Secondly it also indicates that SANS must be using this map of India elsewhere in the world also and campaigning the cause of Pakistan.

It is therefore necessary for Government of India to issue a formal notice to SANS to show cause why action should not be initiated against the Company for insulting the country.

At the same time, I feel that the root of the problem may lie with many global agencies which are depicting wrong maps of India. Lonely Planet, Victor maps were two I immediately spotted and there are many more such sites. Even Google was depicting a wrong map earlier and could have corrected now.

For those who provide maps, it may be difficult to balance the views of different countries and India has a problem with Pakistan and China both of which have raised claims on our lands and the global community may not be fully aware of the issues.

It is the duty of the Indian Government to ensure that maps are properly depicted showing Indian interests in the correct perspective.

At the same time, within the boundaries of India there is no reason why educated people need to make mistakes and when mistakes are pointed out why they should not have the humility to correct their mistakes.

I appreciate the strong opposition expressed by some of my friends in the information security profession and urge the Government to initiate action to prevent such happenings in future.

I presume that the person concerned in SANS does not belong to Mamata Bannerjee band wagon which have  its own view of what is India  !.

Naavi

Yesterday was a historic day in Karnataka when Prime Minister Mr Modi visited the sacred town of Dharmasthala and offered his prayers to Lord Manjunatheshwara.

The humility with which Mr Modi appeared not only in the temple but also before Mr Veerendra Hegde the Dharmadhikari of the temple was some thing to be noted particularly in contrast to other politicians.

During the visit, Mr Modi also officially launched a program in which 12 lakh Rupay Debit cards were distributed to the members of a self help group promoted by the Dharmasthala authorities under Mr Veerendra Hegde so that they can be used for transactions in lieu of cash transactions.

It was a demonstration of how Digital payments can be adopted at small towns where there is a lower level of technical knowledge and also how institutions like temples which have a huge influence on the population could participate in such programs.

Dharmasthala is unique in this regard that besides being a well known religious place where Lord Shiva is worshipped in the name of Manjunatha, it is also known for “Dharma” and “Truthfulness”. Mr Veerendra Hegde is revered as a person who can sit in adjudication of problems and there is a belief that no one dares speak untruth before the Lord. The Dewasthanam is also known for its umpteen social service activities including education and other social upliftment programs.

While speaking on the occassion, Mr Modi spoke of the need for a “Cash Less Economy” to eliminate Black money in the country.

The importance of elimination of “Black Money” meaning “Money Not accounted for Taxes” is a key ingredient of Modi’s economic policy which should generate more revenue for the Government and provide funds for development which should create more jobs. This policy is in contrast to the Congress policy which believes that it can dole out money from the Government coffers so that the population can wine and dine without working and contributing to the wealth of the nation.

While speaking, Mr Modi once used the term “Digital Cash” to refer to the plastic money and the need to encourage its use. It is to be noted that in this context, Mr Modi was referring to money in the Banking system which is not withdrawn in the form of rupee notes but held as balance in the Rupay Cards and used as such for payments for other services and products which the card holder may need. I am sure that the shops and establishments in and around Dharamasthala will start accepting Rupay cards for payment for goods and services and reduce the need for rupee notes.

This is “Digitization of our White money lying in the Bank accounts” and this is what is to be encouraged.

Let there be no confusion between Digitized White Money and Bitcoin

I would however warn that clever manipulators of news should not use this opportunity to start saying that “Modi prefers Digital Cash for Digital India” and hence “Mr Modi is in favour of Bitcoins” and “Crypto Coins” which are a pure form of “Digital Cash”.

I will not be surprised if the same argument is placed before Mr Modi that legalization of Bitcoin is in furtherance to his own push for Digital India.

I pray that Lord Manjunatha may provide the clarity of vision to Mr Modi that after demoneitzation and GST, the next big challenge is how to ensure that “Black Money” does not get accumulated in the form of “Digital Wealth” including money in Rupay Cards.

It is for this reason that linking of Aadhar to Bank accounts is being suggested by the Government which is being opposed by many including perhaps many in the Judiciary.

Though there are issues in fraudulent issue of Aadhar cards which needs to be corrected, once the money becomes accountable in some Aadhaar card, investigators can work on establishing whether the card holder is genuine or not. If it is found that the card holder has given false particulars for Aadhaar enrolment, action can be initiated for cancelling the Aadhaar card and re-enrollment. In the meantime the money in the Aadhaar linked card could get frozen.

If this creates problems for some genuine poor people, solution is in giving them alternate Aadhaar IDs and not diluting the need to link Aadhaar number to Bank account.

However, since Aadhaar number is already linked to PAN number, there should be no need for those who have already linked PAN numbers with Bank accounts to also link Aaadhaar numbers separately. Similarly, it should be sufficient to link either a Bank account or a PAN number to the Mobile numbers instead of Aadhaar numbers so that the risk of sharing of biometric with the Chinese controlled Telecom sector is avoided.

I hope the honourable Supreme Court appreciates the need for proper KYC for Mobile numbers and hopefully they will not do anything that allows terrorists,criminals and black money hoarders to run a parallel economy with fake IDs.

Once the “Digital Wealth” in the form of Rupay Cards is properly linked to an identified individual, black money cannot be converted into Rupay Card balances as it may happen over time.

If this is not done, Black money hoarders are likely to purchase Rupay balances and pay out cash while holding the cash themselves in lieu of note bundles.

In future raids by Income Tax authorities therefore, it would not be surprising that we may find hundreds of Rupay cards in the possession of the black money hoarders  having balances running to thousands of rupees. A proper system to secure against misuse of this facility is required.

But identifying black money held in Rupay cards and Digital accounts in Banks in India is within the investigative capabilities of authorities. At the time of last demonetization, many people used JanDhan accounts of their servants and employees and deposited their black money into Banks and later withdrew them in new currency. Government is trying to analyze such transactions and hopefully over a period of time find some black money in these transactions. If Rupay cards are misused, similar investigation would reveal them in due course.

The Future Battle for Black Money is with Bitcoins

The future however is a battle for identifying black money which have been and will be converted into “Crypto Currencies” like Bitcoin. The support that Bitcoin receives world over is because the wealth in Bitcoin cannot be traced to an individual and hence escapes taxes and helps in their use for illegal activities. The premium it enjoys is soley built because of this use of Bitcoin for criminal purposes and not because of any inherent

If therefore Mr Modi does not ban Bitcoins and all other Private Crypto Currencies, Black Money hoarders will convert their black wealth to Bitcoins and Government will lose track. The Finance Ministry under Mr Jaitely is yet to recognize this risk and is happy in “Observing” the Bitcoin and Crypto Currency usage while the industry is exploiting the gullible public and luring them to invest their hard earned money in Bitcoins. Vested interests are developing and as they strengthen,  they will oppose any attempt to ban Bitcoins in the future.

There are others who are trying to fool every body that “Block Chain Technology” is great and it needs to be adopted in all Banking transactions including issue of Currency and Bitcoin is one such great innovation. Some in the Government might agree with the argument and try to encourage Bitcoin without understanding the dangers.

I wish Mr Modi will get the revelation in Dharmasthala that Bitcoin is the biggest Black Money threat to India after demonetization and needs to be killed.

Naavi

I welcome the move of the Government to celebrate November 8, 2017 as “Anti Black Money Day”.

While politically, this is a reply to the opposition who wants to oppose the demonetization, I want Modi Government and Mr Arun Jaitely not to simply stop at counter rhetorics for the sake of TV media but to take the “Anit Black Money Drive” further.

Presently, if one goes through the various articles on this site, it is clear that I am blaming the Government and particularly the ministry under Mr Arun Jaitely that they have failed to take action against Bitcoins which in my opinion is required for curbing the growth of “Digital Black Money”.

I continue to hold this opinion until the Government takes the firm step of banning Bitcoin and all other private Crypto Currencies. I also continue to speculate that there could be vested interests in the Government who are not interested in eliminating Bitcoins because they themselves may hold Bitcoins.

Though this may displease MR Arun Jaitely as well as others around him and it is not fair to tar the entire ministry officials with the accusation of vested interest, as an observer from outside, there is no other conclusion that we can draw when we see that the Finance Ministry dithering in taking its decision.

If there are some “Good Bureaucrats” who feel offended by my repeated accusations, I request them to pardon me but at the same time come out into the open and state whether they want Bitcoin to be banned or not and why a decision on this is being delayed by other “Bad Bureaucrats”. If Good people remain silent, it means that they are passively assisting bad people. This is the time for people to take a stand on Bitcoin and either come in support of it or oppose it whole heartedly.

We have seen that when the Government released a policy for the public opinion through MyGov.in with a query “Should Bitcoin be banned, regulated or continue to be observed ?”, the query itself was unwise. Regulation and Banning were same and “Continue to Observe” was an absurd decision to seek public opinion on. This was perhaps first time that a Government was seeking public opinion for not doing anything on an important issue and allowing speculation to thrive.

Then the MCX which was part of the Government controlled regulator tried to meddle with the public opinion and officially intervened with its opinion on the My Gov platform until it was withdrawn after being challenged by the undersigned.

But the Ministry did not respond to the objection raised even with an acknowledgement.

Subsequently, the Finance Ministry stated that they have formed a committee to look into the public opinion expressed on the My Gov query without naming the members of the committee and later stated that a Committee of RBI will take the decision.

So far no decision has come forth and effectively, the absurdity of Government “continuing to observe” continues. This is the classic method of “Taking No decision is also a decision”. It works some times but in the current case it has only aided and abetted speculation in Bitcoin and there is no way independent observers like us cannot think that this is a deliberate move so that vested interests close to the decision makers or the decision makers themselves are benefiting by promoting the speculation.

This however has not prevented from “Leaks” coming from the Finance Ministry officials some times stating that Bitcoins will be regulated, some times stating that Bitcoins will be banned and some times stating that Government will introduce its own Cryptocoin etc.

All these things only add up to a “game” being played by vested interests. Some time back there was a private query on me why I say that “A game is being played”. I suppose the flipflops above are a clear reason why I think that somebody is playing a game.

Now therefore, when the Government says that it will observe November 8 as an Anti Black Money Day”, while we welcome the move, we also express our doubt if this is just a political counter narration and nothing else.

If the Government is serious,….Mr Arun Jaitely…kindly clarify if you are personally committed and serious on this issue…… why the Government cannot appreciate that the “Bitcoin” is a repository of “Black Money”. It is a representation of “Digital Black Money” and now it is present in the form of multiple Crypto Coins.

The operators of this Digital Black money are so confident that the Government of India would rule in their favour that they are willing to release advertisements in news papers for recruiting CEO for new Bitcoin business units and promote Bitcoin as an investment for Diwali instead of Gold.

It is a shame that the Government does not act to curb such attempts.

This is like keeping quiet when some body advertises :

“Here is a great opportunity to convert all your Black Money to an internationally accepted benami property Convert your Bank deposits to Bitcoins…today”

or inviting professionals with an advertisement

“Apply if you want to be  a CEO for Digital Black Money India Limited”. 

Mr Jaitely in an intelligent lawyer and also a Finance specialist. I therefore donot think that he does not understand the implication of Bitcoin promotion and its legalization on our economy.

Hence I take it that if Bitcoin is not being banned now, it is because Mr Jaitely does not want it to be banned.

It is now time for Mr Jaitely to prove me wrong. The occassion is November 8, 2017. The means is to announce “Demonetization of Private Crypto Currencies”.

If Mr Jaitely does not want to do it, then the ball is in the Court of Mr Modi once again. But it can even be done by Mr Urjit Patel on behalf of RBI.

Will any of these three people have the guts to act in the interest of eliminating Black Money in Digital Form?

I will watch for 8.00 pm on November 8 to hear …”Bhaiyon or Beheno” in Modi style or “Brothers and Sisters” in Swami Vivekananda style….that India has taken a tryst with destiny to eliminate Black Money not only in Physical currency form but also in Crypto Currency form.

If the Government does not know the modalities for implementation of a Crypto Currency ban, then free consultancy would be made available to the Government on what can be done.

Will Mr Arun Jaitely, the Honourable Minister of Finance respond?

Naavi

We have seen that frequently PIL lawyers approach Courts including the honourable Supreme Court on matters pertaining to changes required in Cyber Law. Supreme Court is highly responsive when there is a petition against the Government and celebrity advocates take up the case. When the matter is however of “Common Man’s Interest”, the Courts some time are unable to appreciate the importance and comes down heavily on the litigant with heavy fines. Hence many public spirited advocates hesitate to take up the real issues of interest to the public while unimportant issues hog the time of the Supreme Court.

I however request the PIL lawyers to consider the following reference to the Supreme Court and also urge the Supreme Court to consider hearing this petition in the general interest of the public.

The Problem

We are all aware that Cyber Crimes are on the increase and need to be addressed through all means including efficient use of the existing laws, modification of laws, improving the knowledge and skill of law enforcement, improving the public awareness, hardening the security in the IT ecosystem etc.

In the myriad number of ways that we can bring about improvement, I have just one immediate concern to be addressed in which the Ministry of Information Technology can administratively intervene through notification and the Judiciary can intervene by clearing the ground for challenges which are bound to arise.

In every Crime under IPC or ITA 2000/8 involving communication through E-Mail or Website, Facebook, Twitter or Mobile based messaging systems including WhatsApp, Sarahah, the critical component of investigation and subsequent prosecution is the identification of the “Source” from which the offending message emanated. In simple terms it could be the “IP Address” of the device from which the crime was committed.

Presently the Government of India is trying to add Aadhaar identification to Mobiles at least in India and therefore identification of mobiles should in future not be an issue though criminals may switch to use of SIM cards from Pakistan or Bangladesh or use the web for voice communication and continue  to hide their identity in committing crimes.

Since Internet Protocol requires an IP address to be allocated by some ISP some where for the communication, if the User of an IP address can be traced, quickly and accurately, part of the Cyber Crime investigation problem would be under control.

Technologists would immediately jump up and say that IP address can be hidden under proxy servers, there are many free anonymizers, and Tor browsers and a “Deep Web” where anonymization is the rule and hence it is impractical to rely on the IP address. They also point out that the use of IP address sharing technology in dynamic IP addressing systems including the Carrier Grade NAT (CGN) used by ISPs could cause errors in identification of IP address.

It is admitted that IP addresses in many cases become untraceable within the country and need the assistance of international law enforcement agencies, Mutual Assistance Treaties etc and even when resolved, there could be errors.

However, even to decide that a suspect is not traceable, we need to complete the process of IP address resolution and record that the person (or the device) who has been identified as the owner of the suspect IP address has a good alibi and hence a criminal case may not sustain.

However, even when the Criminal Investigation fails to make progress, Cyber Crime victims may pursue the Civil remedies available to them. Most of the Civil remedies donot depend on the apprehension of the suspect. It only requires a confirmation of the law enforcement that an “Offence Has Occurred” and a “Wrongful loss has been caused to a person”. The Intermediaries involved in the transaction become “Liable by Proxy” and the Victim is entitled to recovery of his losses even while the criminal investigation may continue to find out the real criminal.

Section 79 and Section 85 of ITA 2000/8 (P.S: IPC may be  vague on Vicarious liability of officials of a Company as this Supreme Court judgement may indicate) lay down clear principle that in offences falling under ITA 2000/8 the intermediary shall be guilty unless he proves “Due Diligence”. Even under IPC there could be many instances when the Company/Organization continues to be liable for the offences committed by the Company though the officers in charge may be exempt from the vicarious liability as per the Supreme Court judgement.

Hence Cyber Crime victims are interested in registering of a Cyber Crime and a report from the law enforcement that an IP address was either traced to the satisfaction or failed. They may prefer to continue their civil remedies and not be bothered if the criminal was arrested and prosecuted or not.

The intermediaries however need to cover themselves with suitable Cyber Insurance so that they absorb the loss as part of their operational risk.

I therefore consider that IP address Resolution is an important first step to every investigation and all hurdles to successful IP address resolution needs to be removed.

Solution

It is in this aspect that I urge both administrative action by the MeiTy and Judicial empowerment through a proper direction from the Supreme Court.

The biggest problem I see in the resolution of IP address is that the current system adopted by ISPs need to change. Currently they are all focussed on “Hiding the Originating IP address” of a web transaction and replacing them with a “Proxy Address”. In the case of CGN, the reason could be a more efficient use of available public IP addresses. But in many other cases, the reason is a false understanding that the “Privacy” of the service user requires that his IP address should be hidden from the communication.

As a result of this, e-mail providers like Google routinely replace the original IP address in the headers by their own proxy IP address. When therefore the IP address is to be resolved, the Cyber Crime victim needs to file a Police Complaint and the Police has to issue a proper CrPc notice to the representative of Google and then wait for them to respond.

Currently, this process of getting a response from Google or other international ISPs is highly inefficient and time consuming. Often the Police cannot get the information within the Golden hour and the criminals will easily escape.

If instead of Google if the service provider is a “Protonmail” then Police may find it even more challenging to get any cooperation from the e-mail provider.

Once the IP address is resolved to an Indian ISP, Police may be able to approach the local ISP and get the last mile resolution quicker but even this may take 24 hours unless some intervening holidays extend it even further.

The Requirement

We therefore require that the MeiTy issue an immediate notification under Section 79 (on the lines of the removal of offending content when brought to their knowledge) that when a request is made by any member of the public to the grievance redressal officer of the ISP (mandatory under ITA 2000/8), the ISP shall within two hours provide the resolution of the IP address to the next available level. The only condition to be attached to this request should be

a) Identification of the person requesting the information if necessary with his Aadhaar ID/other Government approved IDs

b) Declaration that the information is requested in good faith and belief that a “Contravention of an Indian Law” has occurred and the information is required for pursuing the legal remedies available under the laws of the land to the person seeking the information or to the person whom he is representing.

This notification can be issued either under Section 79 or under Section 69B or under both.

Alternatively, the Intermediaries such as “E Mail Providers” and “Domain Name Registrars providing WhoIs information” should be directed as part of the “Due Diligence” under Section 79 that “Originating IP Address” should be added to all header information and client registration information so that affected persons can take it up with the ISPs for final resolution. This would not amount to revealing the identity of the person since still one more layer of obfuscation is present in the form of the dynamic IP address allocated by the local ISP.

The ISPs using CGN and anonymizers should be mandated to maintain records of the original client identity mapped to the allocated dynamic IP address and make it available on request.

If such a notification is issued, it is likely that some Privacy enthusiasts may approach the Supreme Court asking for striking down the notification as “Unconstitutional” because it affects the “Privacy Right” of the suspected criminal and his “Guaranteed Human Rights”.

I also consider that it is the fundamental right of a recipient of an e-mail to know the originating IP address of the sender. Since the email body contains the declared name of the sender, there is no reason for the sender to have any objection to revealing of his originating IP address unless he has “Some thing to hide”. If he has “some thing to hide”, it is technically an “Attempt to impersonate” and an offence in itself.

I therefore request the Courts either at the High Court or Supreme Court level not to interfere if such a notification is made by the Government.

However, if the Government is not bold enough to take a stand and is not willing to issue, I would like the Supreme Court itself to issue such a direction in the interest of Cyber Crime mitigation in the Country.

This issue can be taken up by the Supreme Court Suomoto without waiting for any PIL.

However, I also request PIL advocates to take up this issue with the Supreme Court and try to obtain a direction to the Government.

I am sure that the usual celebrity PIL lawyers who fight for Kashmiri terrorists and Naxalites will not take up such cases because these issues  are not considered as fight for “Human Rights”.

It is therefore left to the genuine public spirited lawyers who have the cause of Cyber Crime victims in India in their hearts to take up the challenge and seek the intervention of the Court.

Are you one such lawyer?… Then go ahead and move the Supreme Court…. today…

Naavi

It was brought to my attention yesterday that an IT professional in Bangalore had ordered a Mac Air Book online and made payments to two individuals having accounts in SBI Aizwal and SBI , IIT Powai branches.

It appears from the records available that at least one of the two accounts used for the fraud has been repeatedly used for such crimes over a period extending at least 4 months. It means that the Bank has been nursing this fraudster’s account as a “Partner in Fraud”.

One of the account also has a PAN card number associated with the account which in the investigation has to be found out whether it is genuine or fake.

The victim has been advised to file a complaint of cheating with the jurisdictional police station and not as a Cyber Crime.

I hope the Police would register the complaint against the Bank and proceed to prevent further frauds occurring through the same accounts.

Despite the collection of PAN number, the accounts being used for commission of fraud and transfer of proceeds abroad represent a “Money Laundering” crime and I hope the Police will follow it to the logical conclusion and provide relief to the Victim.

I am posting this here to warn others not to rely on advertisements appearing in Facebook or Twitter where goods are being offered for sale as a direct import at a price lower than what the Flipkart or Amazon offers on their platforms.

In this case, it appears that the fraudsters had issued some advertisements in the name of a non existent foreign firm offering sale of Mac Air Book and collected money in India. It is not sure now if the money actually went abroad or was used by the fraudsters in India itself. Since they are the account holders of SBI, the Bank would also be liable as a conspirator in the crime.

If the KYC on the account is faulty, I expect the RBI to take notice and impose a heavy penalty on the Bank.

I have earlier recommended that such KYC fines should be used to provide compensation to the fraud victims. I urge that RBI should consider that proposal as a “Fraud Guarantee Scheme”.

Naavi