Naavi.org | Towards building Cyber Jurisprudence in India

Cyber Insurance-4: The enigma called Cyber Insurance Premium

Posted on July 17, 2016 by Vijayashankar Na

[This is a continuation of our discussions on Cyber Insurance Survey-2015 ending with our previous article : …Who Should Get Insurance Cover?]

Last Friday (15th July), TATA AIG conducted a conference in Bangalore attended mainly by CFOs of different industries in Bangalore to promote their “Cyber Insurance” product. Cyber Insurance in India is being talked about for more than 5 years but companies have been hesitant to push the product aggressively because of the fear that Cyber Risks may be too hot to insure. Most of the time the Insurance companies have been tentative in their approach and are reluctant to discuss their policy offers in detail and in open. In this background, it can be appreciated that Tata AIG at least considered spending some marketing rupees on promoting their product though they hedged the marketing cost with their more popular D&O policy (Directors and Officers Liability Insurance) covering Director’s liabilities for negligence and omissions under the new Companies Act.

The interaction followed the familiar logic that “Cyber Risks are growing and Companies may be facing huge liabilities and existential risks like what Sony or Ashely Madison faced recently or some of the ransom ware threats faced by Indian companies and therefore they need to go for Cyber Insurance.

However, the meeting failed to address the most important aspect of “Cost of Insurance” and how it can be brought down. Obviously, as the Risk grows, companies would be willing to consider Cyber Risk insurance but unless the policy is reasonably priced, it is difficult to expect Companies to really cover their risks.

According to a recent press release from TATA AIG itself, the policy premia for a Rs 5 Crore limit range from Rs 5 to 10 lakhs for manufacturing industry, the education sector and for consulting, accountancy and similar professional services. This may go up to Rs 25 lakhs for financial services, health are and telecom industry. This indicates that in the industry segment where there is a need for insurance cover and also some acceptability of the cost the premia could be Rs 25 lakhs for cover of Rs 500 lakhs or nearly 5%. Can a Flipkart or Ola or even a Bank consider 5% as the cost of insurance is doubtful.

Secondly, incidents like Sony and Ashely Madison make good discussion point for creating the threat perception but it is difficult to believe that a Cyber Insurance policy would cover what was perhaps a Cyber War attack in the case of Sony or a patently illegal business of Ashely Madison. Such companies may take the insurance only for the sake of projecting their commitment to cover the risks but their claims are unlikely to be accepted when the d-day arrives.

When we conducted the Cyber Insurance Survey 2015 therefore we tried to get the perception about how the premia in a Cyber Insurance policy is determined.

Cyber Insurance policy being a hybrid policy that is having cover for both the “First Party Loss” and “Third party liability”, the premia could be “Asset Value Based” for the First Party loss and “Discretionary Based” for Third party liability. However, the Insurance companies are not transparent about their premium policy and hence insurers are not sure where they stand on the cost of insurance as well as the success of their claims if required.

During our survey, 82% of the respondents felt that the premium should be fixed on the basis of assets covered and equally 86% felt that it should be based on the liability basis. The respondents of the survey might not have been clear about whether the “Value of Assets” meant the total assets of a particular type that are being covered or the value chosen by the insurer and whether there is any agreement on how to value the “Data Asset” as different from the value of hardware and software. Should data be valued at “Potential Liability in case of a breach” or “Cost of Acquisition” is not an easy question to answer and there is no confirmation whether either the Insurers or the Insured have a clear understanding of this aspect.

The corporate respondents felt that discounts on premia should be based on the status of the security posture of an organization such as “Having been subjected to Compliance audits” and “Robustness of the Information Security Policy” followed by the company. On the other hand to what extent “Past Incidents” some of which might not have resulted in any liability should influence the premium fixation. More than 82% of the respondents of the survey had expressed the view that discounts should be provided for different IS audits to distinguish between two companies with similar risk profiles but different risk mitigation efforts.

TATA AIG only indicated that their proposal will be vetted by a team from KPMG which may make an assessment of the risk before quoting the premium. Greater transparency on such matters is needed before potential customers can give a serious thoughts. Similarly there was a need for TATA AIG to explain if they had faced any claim situation in India and if so of what type and how it was responded to. Without sharing of such information in generic terms, it is difficult for companies to take a view on the feasibility of Cyber Insurance.

I hope TATA AIG would in their future interaction with the industry try to be a little more transparent and let the companies develop some trust in the feasibility of Cyber Insurance. ..and of course 5% premium is considered usurious and it will be difficult for any company to set aside such a huge percentage of their resources for a potential liability cover.

Surely, the dilemma of the Insurance Companies on the enormity of the risks is understandable but they need a better understanding of the Cyber threats, Vulnerability management and the real rupee risks in India before trying to quote impractical premiums.

Hopefully the Insurance companies will realize that there is a huge market potential for Cyber Insurance in India and if they can quickly increase their risk assessment and risk pricing skills, there is a good business to harness. The other insurers such as ICICI Lombard and HDFC Ergo who also have Cyber Insurance policies need to take lessons from TATA AIG which claims to be the market leader at this point of time and structure their own offerings attractively.

Naavi

Posted in Cyber Law | Leave a comment

When will Judiciary be able to show statesmanship?

Posted on July 12, 2016 by Vijayashankar Na

According to the article published in Bankinfosecurity.in, it appears that the wait of the Cyber Crime victims for CyAT (Cyber Appellate Tribunal) chairperson to be appointed is still not over. Going by the statement of the registrar of CyAT quoted in the article, there appears to be no agreement on the appointment till date.

Now that Mr Ravishankar Prasad is the Minister for both the IT Ministry and the Law Ministry, there cannot be any difficulty in finalizing the candidate from the Government side. It is the Judiciary which is unable to accept any appointment recommended by the Government and is stalling the process of appointment. This will not only inconvenience the public but also further burden the Courts with litigation which could be disposed off by the alternate means of CAT to some extent.

If the Ministry was unable to find a proper person, I would have expected the Judiciary to voluntarily suggest a suitable person from its own search amongst the community of retired Judges, instead of standing on formalities and protocol over citizen centric action. As a result of this lack of flexibility in administration, the standoff between the Judiciary and the Government on the appointment of Judges has not yet been resolved.

Management professional agree that when professionals and experts in specific fields take over administrative duties, they are often unable to see the different requirements of administration and prioritize it over other domain specific issues. Such things are normally seen when say a renowned scientist becomes the head of an organization or even when the best software developer becomes the head of a software company, or a famous surgeon becomes the head of a Hospital or an excellent Engineer becomes the CEO of his engineering firm. Similarly, while Modi has effectively switched hats from being a politician to being the administrative head of the country, Mr Kejriwal has not been able to make a similar switch.

The Role of being an expert in a field and Being a good administrator are different and one has to make a conscious effort to be able to successfully wear the two hats simultaneously.

Perhaps, a similar issue is affecting the administration of Judiciary which is in the hands of professional Judges both at the State and the Central level. Good Judges donot always make good Justice administrators whether they are Chief Justices in a State level High Court or the Chief Justice of India. Some may be adaptive and successfully change over from sitting on the Judicial bench to behind the office table with ease but some may find it difficult.

It is time that the Judiciary becomes conscious of this possibility and takes corrective steps as may be necessary. It is also time for the CJI shows some statesmanship in dealing with the Government and take steps to overcome the differences and facilitate the movement of the wheels of justice.

We, the Citizens of India often see that Supreme Court is more interested in spending its time on worthless Celebrity cases and Political cases and show no urgency in disposing off issues involving interest of individuals. Citizens of India have nothing to gain from such lopsided prioritization of justice delivery under a false sense of “Independent Judiciary” when for most members of public, there is “No Judiciary”.

A standing example of such skewed prioritization is the lack of attention on this appointment of the Chair person of Cyber Appellate Tribunal pending from June 2011 where one (not hundred judges for different Courts) suitable person has not been found for last 5 years.

Naavi

Posted in Cyber Law | Leave a comment

Writ Petition to Re-activate Mumbai Adjudication filed in Nagpur-Opportunity for positive changes

Posted on July 9, 2016 by Vijayashankar Na

Mr Rajesh Aggarwal was one of the most active IT secretaries in recent times who pursued diligently his additional responsibility as an “Adjudicator” under Section 46 of Information Technology Act 2000. Unfortunately, he was shifted some time back to duties in Delhi. Since then no cases seem to have progressed in Mumbai and the doors of justice have been shut on the Cyber Crime victims in Mumbai.

As of now it appears that IT Secretaries all over the country are not keen to accept the responsibility which was given to them as custodians of justice for Cyber Crimes and unless Mr Ravishankar Prasad who is currently the Minister for both the IT and Law ministry takes some immediate action the status of Cyber Judiciary in India will remain pathetic and adversely affect the “Ease of Doing Business Index” of the country which prime minister Mr Modi keenly observes.

It has now been reported that two advocates of Nagpur have moved the High Court through a writ petition No.3816/2016 filed by Nirmalkumar Athawale against

1) Govt of India through Department of Electronics and Information technology and

2) Government of Maharashtra through its Chief Secretary and

3) Adjudicating Officer Maharashtra

which was heard on 7th instant by Hon.High Court’s Division bench consisting of Hon.Justice Vasanti Naik and Justice S.Joshi.

Advocate Mahendra Limaye and Adv.Chetan Dhore represented petitioner and prayed for directions to be issued to Adjudicating Officer for timely conduction of Civil matters as mandated under Information technology Act.

It is reported that it was contended by Adv.Mahendra Limaye,the lawyer for petitioner that more than 100 matters are pending before Adjudicating Officer since last 18 months but he has not taken up any of them. It was also informed to the High court that office of adjudicator also failed to timely en-cash court fees submitted to it shows apathy towards Cyber Litigation. In the prayer clause petitioner has reportedly prayed for setting up benches of Adjudicating officers at every district headquarter place since currently all the litigants are required to file the matter at Mumbai only .

The Court has issued directions for issuance of notices to the respondents.

Opportunity to Bring Positive Changes

It may be noted that the Adjudication system is a process of “Enquiry” and there should be no bar on the Adjudicator travelling on his own and conducting the hearing where ever he wants. He can even use Video conferencing techniques to conduct his enquiry where parties donot need to travel to the seat of the adjudicator. It may be noted that ITA 2000 was progressive enough in its draft to provide for setting up benches of Cyber Appellate Tribunal (CyAT) outside Delhi as well as conduct sittings outside Delhi.

In the past two sittings of CyAT (by Chair person Rajesh Tandon) were held in Chennai in the ICICI Bank Vs S. Umashankar case. Maharashtra Adjudicator (Mr Rajesh Aggarwal) conducted a video conference hearing. It is therefore an established practice for these two bodies namely Adjudication and CyAT to move to wherever the cyber crime victims reside and if this is frequently followed, there would be a revolution in the system of justice dispensation in Cyber Crimes.

It should therefore be made as a general rule that “Hearings of Adjudication” should as far as possible be held near the complaint’s place which could be the district headquarters of the State which is the jurisdiction of the adjudicator. This will also give an opportunity to the IT Secretary to visit different parts of his state and learn about the developments of IT and status of Cyber Crimes , interact with the Police officials in the respective places, conduct trainings etc and contribute positively to the mitigation of Cyber Crime Risks in the State. This will be well within the functional responsibilities of the adjudicator who needs to also work on the “Cyber Security” in the State. Some of the States have even developed “Cyber Security Policies” for the State and creating a Cyber Crime free (or more practically, Cyber crime less) state would be a service which these IT Secretaries need to undertake. This will also provide meaning to the “Suo Moto” powers given by ITA 2000 to the Adjudicators.

I hope that the advocates press for such an order and the Court concedes such a prayer.

At the same time we cannot forget that in certain cases, adjudicators have shown their inability to come out of their IT Secretary’s role and take on the role of an Adjudicator (more like a Civil Judge). In states such as Karnataka, serious judicial errors have been committed by the Adjudicator (eg: Declaring that “the word ‘person’ means only an individual and does not include a corporate person”). It should be noted that this decision which annuls the most of ITA 2000/8 including Section 66, in the State of Karnataka has not been over turned due to the non existence of CyAT for the last 5 years and refusal of the Karnataka High Court to intervene. Neither the State Government machinery such as the Chief Minister nor the Central Government under Mr Modi has been able to correct the situation despite it being well within their rights to

a) Appoint a Chair person for CyAT

b) Educate and energise the IT Secretaries to discharge their stautorily allocated responsibility as Adjudicators

I have also pointed out that the current status of the non functioning CyAT and the Adjduication system is a serious “Human Rights Issue” which may be taken note of the Human Rights bodies in UN to tarnish the image of the Modi Government as not serious enough to provide an effective Cyber Judiciary system.

It is also possible that part of the problem lies with the Supreme Court since the appointment of a Chair Person of CyAT is a joint responsibility of DeiTY and the CJI and has not happened for the unreasonably long time of 5+ years.

One of the changes that becomes necessary at the State level which in the light of the Karnataka decision becomes relevant and does not interfere with the current law is that the IT Secretary may be advised to invite the Law Secretary of the State to every hearings as an observer and take his advise on legal issues that may arise during the hearings. The law secretary however should ensure that the IT knowledge of the IT secretary should be also reflected in the awards and no unnecessary procedural complications are created due to his traditional law judicial background.

I therefore urge the advocates of the Nagpur writ petition to persuade the Court to go beyond the mere issuing of directions to the Chief Minister of the State and define certain major changes to the system at least at the state level.

I wish that what I have written here is taken note of by the Karnataka High Court to hear the pending PIL which an advocate Mr Chaitanya has moved and over turn its earlier order on a petition filed by the Adjudicator of Karnataka in which Court crushed an attempt by the Karnataka Human Rights Commission and the then IT Secretary to correct the mistake of an earlier IT Secretary.

Even the media which often takes up innocuous comments made in Twitter or Facebook by ordinary people for national discussion has failed to understand the impact of the erroneous Karnataka Adjudicator’s decision and the failure of the Central Government to appoint a Chair Person for CyAT and undertake a proper discussion on the national TV medium.

I hope people like Arnab Goswami are listening.

Naavi

Posted in Cyber Law | Leave a comment

The Case of stolen NSE Live Data

Posted on July 6, 2016 by Vijayashankar Na

(P.S: The discussion that is contained herein is for educational purpose and in exercise of free speech rights in public interest of journalism)

The Incident as Reported

An interesting case has been reported from Mumbai where the Mumbai Cyber Cell has arrested a person from Durgapur for illegally selling “Live NSE Feed”. The accused, one Mr Rajendra Kumar Chell has been booked under Section 420 (Cheating) of IPC besides Section 66 and 66B of ITA 2000/8.

The complaint was filed by the manager of NSE working in a NSEs group company DotEx international Ltd (100% subsidiary of NSE) which has purchased exclusive rights to sell live Capital market data. DOTEX was providing such service to 33 other companies.

Around October 2015, the company DotEx noticed that two websites other than their customers appeared to be selling NSE live data and when approached, offered the service for a fee. On payment the complainant was provided with a “Team Viewer” ID and password through which access was provided to live data. By logging into the Team Viewer, the user would be able to view the “NSE Now Terminal System” and the live market data. The complainant has alleged that the two website owners had stolen NSE’s live data and were selling it illegally.

On receiving the complaint, on January 19, 2016, the police have traced the accused through the Bank account to which payment of the subscription amount (Rs 2550/- presumably per month) was credited and the arrest has now been made on 2nd July 2016.

(Details of the case as reported in dnaindia.com)

Presumption

It is not clear how the accused first acquired the data. It is possible that he would be one of the legal subscribers to the DotEx service which he shared with others like a “Sub Broker”.

“The NSE’s real time data is provided in three levels (level 1, level 2,level 3 and tick by tick). Level 2 provides market depth data upto 5 best bid and ask prices and Level 3 provides market depth data upto 20 best bid and ask prices .The real time data feed is provided in TCP-IP format. It is provided on-line through a dedicated 2-10 mbps channelized E1 private leased line circuits. This line shall be owned by the customer and the line should be from National Stock Exchange, Mumbai to the premises of the customer. Alternatively, the customer can take the data from one of our authorised data vendors.” (Source: DotEx website)

This is raw data which the users need to use through appropriate systems and software. According to the NSE tariff table, the level 3 service for tick by tick basis offered on “Terminal Basis” may cost as much as Rs 99 lakhs for both capital markets and Futures segment. This can be used “Free” by 300 users with an additional Rs 1140 per month per user there afterwards.

It is presumed that one such user has re-sold the service. It is also possible that the accused has subscribed to the service legally with one of the brokers who is authorized to sell the data and tried to re-sell the same data to his customers.

Alternate Legal Interpretations

The case represents certain important legal interpretations and opens up some old discussions on the principles involved in Copyright law.

Presently the case has been booked under Sections 420 of IPC, Sec 66 and 66B of ITA 2000/8.

Section 420 of IPC is a broad section and states as under

“420. Cheating and dishonestly inducing delivery of property.—Whoever cheats and thereby dishonestly induces the person deceived to deliver any property to any person, or to make, alter or destroy the whole or any part of a valuable security, or anything which is signed or sealed, and which is capable of being converted into a valuable security, shall be punished with imprisonment of either description for a term which may extend to seven years, and shall also be liable to fine.”

In the instance case, the “Property” is the “Live NSE Data”. Assuming that the property belonged to DotEx as an exclusive licensee, the allegation is that it was dishonestly sold to others by the accused. Does this qualify to be called “Property” under IPC, is a matter to be discussed if IPC sections are to be applied to the case.

On the other hand, Section 66 of ITA 2000 is a reflection of Section 43 and includes “Unauthorized Access” to a computer system including data. Section 66B applies to “Usage of stolen computer resource” which includes data. Hence application of ITA 2000/8 is undisputed though the cause of action under sections 66 and 66B needs to be established. This revolves around “Whether the sharing of data was authorized or not”.

The angle of License Rights

The interesting aspect of the case is what was the rights available to the accused with regard to the data and whether he wrongfully applied the rights.

More than the concept of “Data Theft”, this offence appears to be falling in the domain of transgression of the “License to use”. If the accused is an authorized user in the first place and re-sold it to others, it may not qualify as “Data Theft” or “Unauthorized Access” but may have to be debated under the “Terms of usage of license”.

The scheme as reflected in the NSE tariff card, envisages that an authorized user can anyway share the data with 300 free users and more on additional payment basis. It is possible that the accused may be one such licensed user of another licensee.

In the instant case, the accused has further used “Team Viewer” and created a “Closed system of sub-users” who have been authorized to share the feed which was available to him probably as a legal right. If therefore the first right was legal, the sale thereof would be legal or otherwise based on the contract on which the first right was obtained.

SEBI regulates the scheme of “Sub Brokers” and “Investment Advisors” as regards providing “Investment Advise” from the point of view of investor protection. But SEBI regulation may not prohibit distribution of raw data on which the investors may take their own decision. Hence in the instant case, there may not be any violation of SEBI regulations. However, if the concept of “Sub Brokers” and “Investment Advisors” as regulated by SEBI permits providing of investment advice as well as data sharing services through broker’s own shared “Trading software”, there is an implied permission for brokers to share NSE live data to their customers.

The key point therefore that determines this case is how did the accused first come to possess the right to the data and what were the terms. If the terms under which the accused acquired the data did not specifically prohibit its sharing with others either for consideration or otherwise, it may be difficult to make the charges stick.

In this connection, I am reminded of an old debate on copyrights in which it was discussed if a “License to a Music CD” obtained by a person entitles him to play the music aloud in such a manner that the music could be heard by the other non licensees in the vicinity some of whom may be the members of the family of the licensee and some not. (P.S: Reference may be found in the archives in naavi.org)

We can also discuss such “Licence Rights” as to whether it extends to the playing of the music on loud speakers in a function for a fee.

We have similar debates where TV broadcasters and cable operators object to playing of TV in a public place such as a restaurant, arguing that the licence given is for use by a “Single Person”. Even BCCI and ICC have used such rights for restricting rights of providing live feeds of cricket match scores and taking pictures of live sports action etc.

It appears that in the instant case also a debate will ensue on whether the data feed which gets displayed on a TV screen should be viewable only by the licensee and no body else.

The trend in the copyright arena is to narrow down the licenses to such an extent that every commercial harnessing of the licensed material whether it is for personal use or for education or for other truly commercial purposes under different forms of licensing so that the user can be bled to the last drop of his blood.

It must be also remembered that the data in this particular instance refers to the collection of activities of investors as captured by the system. NSE is only an aggregator of the actions of investors to make a bid or buy or sell. The live data feed is therefore not a originally created “Intellectual Property” of the NSE. Hence the right of NSE on live data feed is not “Absolute”.

A comparable example is a sports event where the sportsmen create the spectacle. But the “Organizer” claims right to the viewing of the “Spectacle”. However, in a Cricket match organized by BCCI, it pays the players so that it can claim the right to their performance view. In the case of NSE, the investors pay money in different forms to NSE and hence NSE cannot automatically claim the right to display the actions of the investor.

Hence there are several larger complicated issues involved in determining if the offence in this instance is upheld.

If therefore the present charge is upheld, there could be a fall out which would affect several other usage contexts of data beyond the stock markets.

In particular, in the stock market domain, it would affect every licensed live data feed owner such as a broker. If the concept of “Live data feed is only for the licensee” is upheld, every employee of the broker who works in the trading hall and has the probability of viewing the live data feed on the trader’s screens, would be considered as a “Licensed user”.

Similarly, if a customer of a broker is using a broker’s feed on his personal computer and his friend or colleague is shoulder surfing to find out how a share is moving, it could be construed as an offence of data theft.

From preliminary information that is available, it is unlikely that either DotEx or any of its 33 licensed data users and the scores of licensed brokers have a robust usage contracts that prohibits the viewing of the trading screens on a user’s computer by friends and family members of the licensed users. They may however make retrospective changes to their contracts now to manipulate the terms of usage of their live data feed to protect their interests unmindful of the possibility that such unilateral changes of contractual terms may amount to offences under Section 65 or 66 of ITA 2008 as well as offences under IPC for manipulation of evidence.

I wish that the Court which goes into the case understands the possibilities of an undesirable consequence of its decision (if it upholds the charge and rules out that a licensed user cannot share the trading screen with another) which would require every computer user to ensure that his computer screen is not visible except to himself when a trading screen is running and take a consumer centric view of the incident.

(The above discussion is for academic purpose and in exercise of the journalistic freedom of speech and is based on the information available at this point of time. I reserve the right to change my views if additional information becomes available)

Naavi

Related Articles:

When you buy music, will you be buying trouble?

Posted in cricket, ITA 2008 | 1 Comment

Supreme Court’s mistake is behind an innocent girl’s suicide in Salem

Posted on June 29, 2016 by Vijayashankar Na

Last year, two erudite Honourable Judges of the Supreme Court of India namely Justice F.Nariman and Justice Chelmeshwar heard a case filed by one Ms Shreya Singhal on the misuse of Facebook. These were cases where the Police had interpreted the Section 66A wrongly and arrested some innocent persons who had posted some innocuous political comments in the Facebook or twitter. (Read the details here)

Section 66A was not meant to address these offences and the cases filed were wrong ab-initio. However, in a bid to become the “Champions of Free Speech” the case was filed and again erudite lawyers argued on behalf of the petitioner and convinced the Judges that Section 66A of ITA 2008 was against the constitutional right of “Free Speech” and should be removed. The Judges were ferocious in their response against the current Government which meekly defended the law passed by the previous Government and scrapped the section. They did not agree even to consider explaining the context in which the section could be applied and the context in which it should not be applied. They said vociferously that the section was not drafted properly and had to go. In the bargain, they showed their anger against the Government and the Parliamentary law makers which was lapped up in the same spirit by the anti Government media as fodder to criticize the Government.

The erudite Government attorneys did not properly defend the case and allowed the decision which was interpreted by the public in the following manner.

Anything posted on Facebook is “Free Speech” and there is a constitutional guarantee that such free speech should be protected.

Public did not understand that the Police had made a mistake and arrested innocent persons under Section 66A of ITA 2008 though they were exercising their right to “Free Speech” and it was the law to be blamed.

Court as well as the public did not perceive that those to be blamed were perhaps the erring policemen who made the arrests, the erring prosecutors who advised them wrongly, the erring magistrates who committed the accused to imprisonment wrongly and the erring higher Courts including the High Court and the Supreme Courts which did not suo moto jump in to stop the wrongful arrests.

The human right activists and the media anchors gloated over the “Victory for Free Speech” and hailed the judges as saviours of Indian democracy and added fuel to the spreading of the wrong message. What these people deliberately failed to recognize is that the decision had created a general perception that

” It is Ok to defame people on Facebook and WhatsApp and law protects it as Free Speech”

Naavi was a minority voice to say that Supreme Court was making a mistake since

a) Section 66A had been wrongly applied to the cases under consideration of the Court

b) If necessary, the section could be read down properly

c) The section had several other uses and if necessary only a part of the section was under dispute in the case and there was no need for the entire section with sub clauses (a), (b) and (c) to be removed.

( For those who want to know more about this , kindly see this page )

Since this infamous decision of the Supreme Court, Police are confused as to what to do when a “Facebook Crime” is referred to them. If it cannot be booked under Cyber Crime, then they donot know which section of IPC is appropriate and hence there is a delay in swinging into action on such complaints. This could be one of the reasons why the small town police in Salem could not do much in the first 15 days after the complaint was filed in the case of the Salem girl who got frustrated and committed suicide.

Now I want all these “erudite” Judges, Lawyers, Petitioners, Human Right Activists and Media personalities which includes the Arnob Goswamis, Rahul Kanwals, Barkhadatts and Rajdeep Sardesais, to look at the consequence of their folly in the unfortunate death of a girl in Salem who committed suicide because some deviant person posted morphed defamatory pictures on the Facebook and sent them by SMS/WhatsApp to the girl.

The blood of this innocent girl is on the hands of all these erudite persons and I wish they carry this guilt to their grave.

Naavi

Related Article in Hindu

Posted in Cyber Law | 1 Comment

Bitcoin back on the RBI radar

Posted on June 26, 2016 by Vijayashankar Na

Naavi.org has earlier discussed Bitcoin in detail in several articles in the past. A list of such articles is available at

https://www.naavi.org/wp/index.php?s=Bitcoin

The gist of earlier discussions is

a) Bitcoin per-se is an electronic document recognized as such under iTA 2000/8 which cannot be denied admissibility in the Courts in India.

b) Bitcoin is a “Digital commodity” accepted for barter in a close community and not a “Currency” with the backing of a sovereign Government.

c) What is wrong with “Bitcoin” is its projection as a currency and its use in illegal activities.

d) The purchase and sale of “Bitcoin” involving payment and receipt of foreign exchange may be subject to foreign exchange laws

e) Mining of new Bitcoins in India is not illegal and purchase and sale of such indigenously mined Bitcoins cannot be considered illegal.

f) Purchase or Sale of Bitcoins which identifies legal mining activity and which has not at least once passed through the hands of a criminal in the past and not in violation of foreign exchange laws is also not illegal.

g) However, in the absence of proper tagging of Bitcoins, it is a risk for ordinary users to buy and sell Bitcoins since it is most likely to be tainted in a past transaction through the hands of a criminal.

Naavi.org was unhappy when RBI instead of providing proper and legal clarifications, issued an ambiguous circular and ED conducted raids on many Bitcoin exchanges giving an impression that Bitcoin transaction per-se was completely illegal. When a further clarification was sought from RBI, it threatened legal action against the person who sought the information.

The undersigned has always held that the Block Chain technology has great potential to replace the paper currency and though Bitcoin is too tainted to be given recognition, there is every reason for RBI to consider introducing a new Indigenous crypto currency with all the regulatory aspects that RBI can think of.

It is not out of place that much before Bitcoin became a reality, Naavi had promoted the idea of “Digital Value Imprinted Instrument System” which had the potential to substitute the paper currency as we know today with a hybrid instrument that is less expensive and relies on the digital security. Though applied for, Naavi could not get a patent for this idea and subsequently, some instruments did come up in India following the same principles.

Now it appears that RBI has recognized that the Block Chain technology which is the foundation of Bitcoin as well as other Crypto currencies may have a practical usage potential and is setting up an expert committee to analyze the issue. (Refer this report).

Naavi.org welcomes this move.

Readers are invited to explore all articles on Bitcoin at naavi.org and contribute their views if any.

It is to be recognized that “Block Chain Technology” can be used efficiently and without being adversely affected by the problems which Bitcoin was associated with. There will be concerns of “Security” of a block chain being hacked. But I believe effective checks can be established to prevent such security issues and the risks should be significantly less than what we face today in the form of fake currencies being printed by our neighbor countries as a par of their Proxy war strategy. Whether the committee will be able to grasp these intricacies or not is a point which we need to observe closely.

Naavi

Posted in Cyber Law | 1 Comment