Naavi.org

It is time to directly call the attention of our honourable Finance Minister Mr Arun Jaitely on what his department is upto as regards the Bitcoin issue…. Hence this open letter…

Dear Honourable Finance Minister Mr Arun Jaitely,

I have time and again brought to the attention of the Government through this website that legitimizing Bitcoin is a harakiri as far as our financial system is concerned.

Bitcoin is a currency of the criminals and currency of terrorists. It is completely anonymous and a haven for black money parking. Bitcoin is linked to many other similar crypto coins and funds in these cryptocoins is easily fungible. China is one of the biggest holders of Bitcoins.  

If Bitcoin is legitimized all Black money will be converted into Bitcoins, your Banking system will see an evaporation of the deposit base and the stone pelters of Kashmir and Naxalites will be able to use it for distribution of money within the country without your PAN Linked Aadhaar system breathing down their neck. China will be able to destabilize India by playing with the Bitcoin supply into India.

I donot think you require anything more to appreciate that Bitcoin is a poison which should be kept away from India.

The Finance Ministry’s committee which has collected public opinion on this matter is yet to publish its findings.

At this time, I am alarmed to observe the following two advertisements/news report reported from  Economic Times.

Dear Sir, these press note/advertisements indicate that some body in your department has already given a green signal to some US based firm and also a Bangalore based Bitcoin player that the Government will shortly announce legitimization of Bitcoins in India.

I have already pointed out that every member of the Ministry’s task force should have given a declaration before they sat in the committee that they did not have any holding of Bitcoins since I suspected that the Bitcoin vested interests would try to corrupt the members.

Unfortunately the Government did not listen to this advise and now if a decision in favour of Bitcoin is announced by the Committee, the fact that these advertisements indicate a selective leaking of the information to some business interests would be sufficient prima facie evidence to indicate that there must have been a compromise in your department.

Being the top member of the Modi Government and a prominent member of the demonetization drive, it will be ironic if under your leadership Bitcoin is regularized in India. This will completely annul the efforts of Mr Modi to remove black money in India and Mr Amit Shah will not be able to face the electorate with an honest face.

Even Mr Mohan Bhagavat of RSS would have to admit that India is surrendering to corrupt forces in the form of Bitcoins and soon other things such as Drug Trade, Arms Trade etc would also be leigitimized.

I would also be surprised if Supreme Court does not come down heavily on your Government much to the delight of your friends Mr Rahul Gandhi and Sitaram Yechury.

Do you want to allow this surrender to the opposition and abdication of your responsibilities as Finance Minister?

Most of the people around you are trying to fool you with an argument that “If Bitcoin Exchanges follow a KYC process and perhaps link Bitcoin trading to Aadhaar”, every thing will be fine. Some of the Bankers have also perhaps spoken to you and impressed upon you that “Block Chain Technology” is great and must be encouraged in the Banking system. Some would have even told you to impose a “GST at 28%” on Bitcoin trade so that Government would get more revenue and you can spend it on increasing the salaries and perks of all the MPs and splurge.

I consider you to be an intelligent person and hope you would not fall for such false propaganda. Nor do I consider you to be influenced by the vested interests in any other manner.

But at this point of time, I am not convinced that you are appreciating the enormity of the mistake you are committing which will eventually cost BJP your 2019 elections.

If by any chance you want to make use of this Block Chain technology and Crypto Currency, I have other ideas which you can explore namely,

a) RBI to introduce a Crypto Rupee using the same technology but having 100% identification of the Bitcoin holder from mining to its transactions including splitting.

b) BJP may introduce a “Party Crypto Currency” to fund its election expenses which is not convertible to any legacy currency but can be used in exchange of services only by BJP party members. ( More about this can be discussed outside the blog since Congress and Mamata Bannerjee may be eager to try out this suggestion if they spot the potential).

Any further delay in not announcing an immediate ban on Bitcoins and all other Crypto Coins would be deemed as a tacit support to the Bitcoin lobby and a perception that BJP has been corrupted with Bitcoins.

I look forward to your immediate action to prove that BJP has not given up its fight on Black Money and that your department has not been bought out by the Bitcoin lobby.

I am sure that some body will soon file a PIL in Supreme Court if the Government continues to “Remain in Observation Mode” as to what to do with Bitcoins and BJP will be losing face.

I am aware that you may not like what has been written here. But the objective is to make you realize what a monumental blunder you are likely to make and I as an ardent supporter of your party and Mr Modi would consider it a tragedy if you donot come down heavily on Bitcoin without further delay.

Regards

Naavi

P.S: I appeal to the Readers to send a copy of this letter to their known contacts in the Government so that it reaches the ears of people like Mr Jaitely, Mr Modi, Mr Amit Shah and Mr Mohan Bhagavat and others.

If it is also distributed to the media, we will know how honest are the Republic and Times Now when it comes to fighting commercial interests of Bitcoin players.

On the occasion of the “Teacher’s Day” today, it is appropriate to spare a few thoughts on the role of “Teaching” in the Digital Era.

“Teaching” essentially involves “Knowledge Transfer” and it may happen either within the four walls of what we call a “School” or “College” or through any other interaction. Today, web is naturally one of the greatest “Knowledge Transfer Medium” with “Google” as one of the prominent tools of knowledge transfer.

In order to retain its status as a respected teacher, being  the “Most Accessed Search Engine”, Google needs to ensure that it’s revenue objectives donot cloud its performance.

Advertising as a Diversion

One of the areas where Google’s weakness comes through is in it’s “Advertising policies on the Search results”. The top of the search page ads  confuse the public with advertisements misleading the search engine users.

For example, if I do a “Full Site Search” from the Google tool on Naavi.org with the key word “OPPO”, the top results are all advertisements from OPPO where as my specific article on “Oppo taking over Police Stations in India” does not come up, though it does come up in the other search engine I use on the website.

“Google Site Search” therefore misleads visitors to the site with wrong results and fails as an honest “Teacher”.

I have in the past even pointed out many ads from Google Ad server which are linked to Pornographic websites (Mostly on the mobile) showing again a failure to filter such ads. “Poisoned Search Results” were once a very prominent means of injecting viruses though it has been controlled significantly at present.

Though the Search Engine is making its efforts to improve its performance and perhaps is still the best search engine by a large margin, just as a “Teacher” never stops learning and improving, Google should continue to improve it’s performance by not letting its revenue objectives cloud its performance.

Having worked in the Advertising industry myself, I am not against Google generating revenue out of advertisements but there is a difference between presenting advertisements in the side columns or even on the top with a distinctive format rather than making it look like an “Advertorial”.

I hope this “Ethics” of advertising is not forgotten by Google in the days to come…. so that we can salute Google as one of the best Teachers of the Netizens on the Teacher’s day.

Naavi.org as a Teacher

While reflecting on the activities of naavi.org, it seems that Naavi.org has been critical of many organizations both in the private sector and the public sector on specific occasions. In all such occasions, it is essential for visitors to remember that we may be trying to make a particular point though some times we may not be efficient in putting things across diplomatically. Some times the titles could be deliberately made provocative, taking the liberty of journalistic freedom. I hope those who feel hurt will look at things in the right perspective and excuse me if I have made any mistake.

One of the principles I have tried to maintain in such cases is to provide an opportunity to the organization criticized to use the same platform to post a counter. In fact way back in December 2001, this principle was espoused as a recommended strategy to counter rogue sites such as dalitstan.org. The principle also applies to other sites including naavi.org.

This suggestion may go counter to “Right to Erase” but needs to be examined by others in greater detail when we see complaints about mouthshut.com or glassdoor.com.

Similarly Naavi.org has been advocating “Regulated Anonymity” as a solution to resolving the fight between Privacy and Security which is counter to the principle of “Anonymity” which is so dear to many.

Naavi.org as a teacher therefore has several contrarian views to express and has always invited visitors to respond even with counter views if any. Though in many cases, we have invited responses from different Government agencies (a search with the key word “respond” indicates the innumerable such occasions), most of the Government agencies prefer to remain silent in the wake of criticisms. Private Sector either remains silent or some times shoots out a notice but very few take criticisms positively.

Just as old teachers some time say… “I scolded you when you were a student and see what a good citizen you have now become?”… perhaps in times to come some of the organizations which we have criticized may acknowledge that the criticisms were well meant. It could be in the case of Bitcoins or Cyber Insurance or Bank frauds or Police mistakes or even mistakes by Judiciary. May be the content of this site will be available for back reference to check if this reflection becomes true.

Such acknowledgements will bring true satisfaction to any teacher and also to Naavi.org and would be the compensation for all the efforts we are making today.

Regards to Dr S. Radhakrishnan for having enabled us to reflect on our “Teaching activities of the year…

Naavi

In continuation of our earlier discussions I am posting here some photographs :

As we can observe, all Police stations in Ramanagara sport the OPPO brand so prominently that it appears that the Police Station belongs to OPPO. In the case of the Women’s Police Station, even the word “Ramanagara” is absent.

We can also observe that in the case of the Town police station, there is also an earlier Airtel sponsored board which at least relatively shows more prominence to the Police Station.

There is no doubt that any marketing manager would be happy to have their brand displayed so prominently across different police stations which create a hugely positive impression in the minds of people who also see OPPO brand name across many of the mobile shops in Ramanagara. Even simple hoardings in prominent places in Ramanagara should cost lakhs of rupees per year on the high way at least. Association with Police is completely misleading as if OPPO belongs to Government.

This is plain cheating and not marketing.

Obviously the decision has been taken by some body who either does not understand marketing or has been suitably impressed by the marketing manager of OPPO.

When people are fighting against Chinese military aggression and dumping of its products, this OPPO invasion is unacceptable.

I wish suitable action is taken to remove all sponsor names in the Police Station name boards including Airtel boards which are also found in Bangalore.

I urge the High Court of Karnataka to suo moto take up the issue and take action or some PIL advocate take up the cause.

Naavi

Yesterday, while travelling from Mysore to Bangalore, I was surprised to see “OPPO Police Station” in Ramanagara on the highway. For a moment,  I was confused if China has taken over India and Oppo has been given charge of internal security!

May be Karnataka Home Minister and DGP can explain.

Some time back, in Bangalore, we have seen Police Station Name boards in the name of Airtel. But to see the name boards in the name of a Chinese Company indicates that our administrators have not considering the impact of such blind acceptance of commercial sponsorship of even sensitive matters such as internal security in India.

If this trend continues, we need not be surprised if Police uniforms carry Oppo or Vivo brands just like our Cricketers. May be even our Ministers may paint Huawei on their cars.

This trend must stop and stop immediately.

Acceptance of sponsorship of foreign commercial organization’s money for routine maintenance of administrative machinery of the Government is another form of “Corruption”. If Police are obliged to companies for even putting up of their name boards, then how will they take up a complaint against these companies lodged by any citizen of India?

It is necessary that all Government agencies should follow a principle where by corporate sponsorships doesn’t compromise on the constitutional obligations of the Government agencies.

On the other hand if these companies want to sponsor some event such as educating the masses on Cyber crime issues etc, it should be fine. But in such cases also the public should be promptly notified that

“This event is commercially sponsored by ……. Government undertakes not to compromise its principles in favour of the sponsors by virtue of this sponsorpship”.

In the meantime, I urge my friends in the media to file an RTI and find out what is the consideration paid by OPPO to host a board “OPPO POLICE STATION” in the Bangalore Mysore highway as rent per day and what is the normal market value of a hoarding in the same area and arrive at the opportunity loss suffered by the Government.

If OPPO has simply spent a few thousand rupees to get the Board organized, I would like to replace the board with “Naavi Police Station” and donate a board twice the size of the current board.

At least “Naavi” brand is associated with fighting Cyber Crimes unlike OPPO which as a Chinese Company is suspected that it may have a back door in its software.

Will the Government of Karnataka clarify? Will the Media question the prudence of who ever took this bizarre decision?

Naavi

We have been discussing the “Limited Liability” Circular of RBI which was first issued in draft form on August 11, 2016 and confirmed on July 6 2017.

However, recently when one of the customers of SBI Cards from Chennai, (a respectable employee of a MNC software company) who had lost money on a fraudulent credit card transaction, requested them to redress his grievance under the provisions of this circular, SBI Card replied to them that they are not aware of the existence of such a circular.

In an email reply from ceo@sbicard.com dated 1st September 2017, signed by one Jaspreet Kaur, SBI Card replied

“…we are not in receipt of any communication from RBI regarding limited liability clause. “

The Bank has provided the IP addresses from which the fraudulent transactions have been made which indicate transactions somewhere in Jharkhand while the customer is in Chennai.

This indicates that SBI card authentication system has not implemented “Adaptive Authentication” to identify an unusual transaction, as is required under various cyber Security guidelines issued by RBI from time to time.

Obviously, if Jaspreet Kaur does not know even the important Limited Liability circular, we may presume that she must be not only ignorant but incapable of understanding what is “Adaptive Authentication”.

Employing such inefficient persons with an authority to reply under an e-mail “Ceo@sbicard.com” indicates the complete lack of competence of SBI Cards to handle the responsibility of credit cards.

We also are surprised that this fraudulent transaction being a credit card transaction in which a payment has been made to a merchant, a “Charge Back” option has not been exercised by SBI Cards.

The concerned merchant is the beneficiary of a fraudulent transaction and therefore is part of a “Money Laundering” exercise. Hence SBI Card should not have hesitated to allow a charge back immediately.

SBI Cards should make a public statement if the Card holder who is also a customer of the Bank is not as much important as the Merchant who may also be a customer of either SBI itself or some other Bank.

If SBI/SBICards was aware of the Limited liability circular, they should have introduced a grievance redressal mechanism as well as indicated a policy for determination of the liabilities under various conditions. No such policy has so far been published by SBI even after two months since the circular was issued.

The casual handling of the complaint by Ms Jaspreet Kaur indicates the possibility of her being an accomplice in the fraud.

I wish Police in Chennai register a case against SBI Card as an organization and Ms Jaspreet Kaur as an individual who by her “negligence” and “an attempt to shield a fraudster” become an accomplice to the fraudulent transaction.

I also do not think that Ms Jaspreet kaur could be the CEO of SBI Card. If she is not the designated CEO of SBI Cards, her using the e-mail CEO@SBIcards.com is an attempt to cheat the customer with misrepresentation and possible unauthorized use of a senior executive’s e-mail ID which are offences under Section 66C and 66D of ITA 2008. These are cognizable offences and Chennai police should make use of this provision in pursuing the complaint.

I call upon the Chairman of SBI to also initiate an internal enquiry on the complaint and ensure that customer complaints are handled with more responsibility.

I also request RBI to also pull up SBI for not ensuring that its executives are not properly informed about the RBI Circular and if no satisfactory explanation is available, suspend the Credit Card license of SBI Cards.

I am looking forward to immediate response from some responsible person in SBI and request him to redress the grievance of this customer. (Ref: Interaction ID : 123634897427)

It is a general observation that  a large number of frauds happen in the credit card system of SBI Cards, much more than in other Banks. The reason is apparent that the SBI cards is being managed by incompetent persons who may be hand in glove with the fraudsters. There is a need for an in depth enquiry by CBI on the functioning of SBI Cards so that customers may not be subject to a “SBI Risk”.

Naavi

IAPP had organized a half day session at IIIT Bangalore in which the Privacy issues surrounding Aaadhaar was discussed in the light of the recent Supreme Court judgement. A summary of thoughts shared by the undersigned in the meet is reproduced here.

The reference to the Nine member Bench of Supreme Court was made during the discussion in the smaller bench on the Constitutional validity of Aadhaar in which one point brought out by the Government was that Privacy is not a fundamental right. Sensing the danger of the argument being held valid on account of the two earlier judgments of the Supreme Court namely the M.P.Singh and Kharak Singh judgments, one of which was from a 8 member bench, the CJI quickly set up the Nine member bench which in double quick time came up with its massive judgement and cleared the path for the smaller bench to proceed with the Aadhaar hearing under the specific consideration that Privacy is a Fundamental right.

Once this issue is settled, the Government will have to justify the Aadhaar Act under one of the “Reasonable Restriction” clauses under Article 19(2).

In this context, the issues before us are to understand

a) Does Aadhaar per-se violate Privacy?

b) Does the mandating of Aadhaar for social benefits violate Privacy?

c)Does Linking of Aadhaar to PAN violate Privacy?

d) Does leaking of Aadhaar Data through e-hospital app violate privacy

e) Does leaking of Aadhaar data through biometric device violate Privacy?

f) Once biometric is compromised, is there a way out to put the clock back?

We must recognize that Aadhaar was perceived as a data base of demographic and biometric data linked to a random number. This number was supposed to be held confidential by the owner and presented with his biometric to those agencies which needed to verify any particular parameter associated with the Aaadhaar such as the name,address, father’s name, data of birth etc. The query was supposed to be always answered in binary Yes or No and aadhaar data was not supposed to travel on the internet.

However in its implementation, Aadhaar is now used as an ID card and any authorized person who seeks information is allowed to download the entire aadhaar information on his systems where the data along with the Aadhaar number resides. The query is answered not only with the biometric but also on OTP over the registered mobile. There are also authorized APIs that lift the data from the Aadhaar server and populate forms at the User end. e-Hospital application was one such application which was at the center of the recent suspected data breach.

Similarly, wherever biometric devices are used, the biometric has to be captured and then transmitted to the Aadhaar server for authentication. Though the transmission is encrypted, it is possible for a copy of the encrypted bio metric to be stored at the device end as was. This was detected in one instance where E Mudhra and Axis bank had sent stored biometric for authentication and UIDAI had filed a criminal complaint.

Since the devices would be under the control of the intermediaries, even if UIDAI ensures an audit of the devices before it is approved, there is a possibility of them being tampered with subsequently.

The current generation of biometric devices and the technology adopted for referring the captured biometric to the UIDAI server does not seem to be secure enough to prevent storage of biometric and this could be a Privacy threat.

Thus in most cases Privacy information leakage occurs at the user end and not at the UIDAI end.  Hence what is required by UIDAI to ensure is a process by which users take the responsibility for leakage of Aadhaar data.

Currently this is determined by the provisions of ITA 2000/8 under Section 79 and 43A along with other provisions.

The issue of Aadhaar and Privacy should therefore be seen in the context of how the Aadhaar intermediaries obtain the consent of the Aadhaar users and whether it satisfies the internationally accepted principles of disclosure, minimal usage, security, limited period retention etc.

Some of the legal luminaries do consider that “Consent” being a “Contract”, it cannot be used to circumvent the abrogation of “Fundamental Rights”. In view of this, the consents need to be carefully drafted to avoid litigations.

Compliance therefore becomes a challenge to the companies who need to use “Data” as the raw material for their business.

If Aaadhar related privacy issues are to be tackled there is need to relook at the technology by which Aadhaar data base is accessed by the intermediaries who provide various services using Aadhaar as an ID. Government also should stop treating Aadhaar as an ID card which can be shared at various usage points to be photocopied and used.

If before the Aadhaar hearing comes up again in the Supreme Court, the Government issues a policy guideline on how Aadhaar data base is to be used, it may strengthen the argument to defend the Aadhaar system, Otherwise there could be a danger of impossible restrictions being imposed by the Court which may need change of many of the use cases which is under contemplation.

Naavi