Naavi.org

The Supreme Court has ruled that non-lawyers can represent, appear and argue cases filed under the Consumer Protection Act before Consumer District Forums and Commissions. Suitable rules may be framed in this regard by the National Consumer Commission to accredit non advocates to practice as representatives before a forum.

See article in TOI

This ruling could remove doubts if any and needless delays arising out of the objections raised by opposing lawyers in such cases.

The SC passed the directive while dismissing an eight-year-old appeal filed by the Bar Council of India against a 2002 Bombay high court judgment that permitted agents to represent consumers.

The SC bench of Justice Dalveer Bhandari, Justice R Mukundakam Sharma and Justice Anil Dave on Monday, however, said special guidelines were needed and accordingly, it directed the National Consumer Commission to “frame comprehensive rules within three months” to regulate the eligibility, ethics and conduct of non-legal representatives.

Agents can be friends or relatives but they cannot accept any remuneration and must display competence.

The SC has suggested certain points that the National Consumer Commission may consider while framing rules:

1. An agent appearing on an individual case basis:

a. Must have a pre-existing relationship with the complainant (eg, as a relative, neighbour, business associate or friend)

b. Must not receive any form of direct or indirect remuneration for appearing before the forum and file a written declaration to that effect

c. Must demonstrate competency

2. Accredition may be through written examination on law; academic and professional background, criminal record

3. Fees: The forum may decide on fee amount if an agent seeks to receive any; but he cannot ask for more than 20% of damages sought by a consumer.

The decision is welcome since it provides an opportunity for victims to get represented from those who fight for a cause.

Naavi

Related Articles on Consumer Protection Bill 2015: Article1 : Article 2 : Article 3: Article 4 : Article 5

(Easy to Read copy of the Bill)

(This is a continuation of the series of articles on this subject)

Article1 : Article 2 : Article 3: Article 4 : Article 5

(Easy to Read copy of the Bill)

Who Is a Consumer?

According to the proposed Consumer Protection Act 2015 ,  “consumer” means any person who—

(i) buys any goods for a consideration which has been paid or promised or partly paid and partly promised, or under any system of deferred payment and includes any user of such goods other than the person who buys such goods for consideration paid or promised or partly paid or partly promised, or under any system of deferred payment

when such use is made with the approval of such person,

but does not include a person who obtains such goods for resale or for any commercial purpose; or

(ii) hires or avails of any services for a consideration which has been paid or promised or partly paid and partly promised, or under any system of deferred payment and includes any beneficiary of such services other than the person who hires or avails of the services for consideration paid or promised, or partly paid and partly promised, or under any system of deferred payment,

when such services are availed of with the approval of the first mentioned person

(but does not include a person who avails of such services of any commercial purpose).

Explanation.—For the purposes of this clause,—

(a) the expression “commercial purpose” does not include use by a consumer of goods bought and used by him exclusively for the purpose of earning his livelihood, by means of self-employment;

(b) the expression “buys any goods” and “hires or avails any services” include the transactions made through any mode, inclusive of but not limited to, offline, online through electronic means, teleshopping or direct selling or multi level marketing;

We may note that the definition of a “Consumer” is not restricted to the person who actually buys or pays for the goods or services but any user or beneficiary of the product.

The definition also clearly excludes the cases of a person using the goods or services without the approval of the “first mentioned person” which should mean the “buyer” or “owner”.

Understandably the definition excludes the buyer/user who obtains the goods or service for “Commercial Purpose”.

It is interesting to note that the Act does not omit to add the definition of a “Person” which is inherent in our law as well as the General Clauses Act to avoid the kind of confusion that may occur as in the case of ITA 2000/8 which was raised in the Adjudication Cases in Karnataka.

Accordingly, it clarifies that the term “Person” includes

(i) a firm whether registered or not;

(ii) a Hindu Undivided Family;

(iii) a co-operative society;

(iv) an association of persons whether registered under the Societies Registration Act, 1860 or not;

(v) any individual, corporation, company, association, firm, partnership, society, joint stock company, or any other entity including any government entity or unincorporated association of persons;

Naavi

Article1 : Article 2 : Article 3: Article 4

(This is part of a series of articles on this subject)

Article1 : Article 2 : Article 3: Article 4 : Article 5

(Easy to Read copy of the Bill)

The Government of India has introduced the Consumer Protection Bill 2015 (CPB2015) in the Parliament and is likely to be passed in the next Parliamentary session. The emerging Consumer Protection Act 2015 (CPA2015) will replace the current Consumer Protection Act 1986.

A copy of the Bill is available here

The salient features of the Bill can be summarised here and later analysed in detail.

1. The definition of a “Consumer” includes the consumer of a “Service” and includes online services. One who obtains goods for resale or for commercial purpose is excluded. Consideration is essential for a consumer.
2. A Central Consumer Protection Authority (CCPA) will be set up to promote,protect and enforce the rights of the Consumers.
3. Product Liability for defects in manufacture,service,marketing etc will be recognized
4. Consumer Dispute Redressal Commissions at District level will function along with the State and National Level commissions for appeal. Final appeal will rest with Supreme Court.
5. Consumer Mediation Cells will be established and attached to the rederessal commissions.
6. Penalties will include imprisonment from one month to 3 years and fine from Rs 10000/- to Rs 50000/-

The detailed analysis can be found below and in continuing articles.

Applicability

CPA2015 shall be applicable for whole of India except the state of Jammu and Kashmir and will apply to all goods and services.

“goods” means goods as defined in sub-section (7) of section 2 of the Sale of Goods Act, 1930, and includes “food” as defined in clause (j) of sub-section (1) of section 3 of the Food Safety and Standards Act, 2006;

“service” means service of any description which is made available to potential users and includes but not limited to, the provision of facilities in connection with banking, financing, insurance, transport, processing, supply of electrical or other energy, telecom, board or lodging or both, housing construction, entertainment, amusement or the purveying of news or other information, but does not include the rendering of any service free of charge or under a contract of personal service;

It may be noted that the exclusions include any service given free of charge or under a contract of personal service.

A Contract of “Personal Service”  is A contract in which the skills or talents of a party are material. Employer and Employee Contracts fall into this category.

The CPA2015 will be in addition to and not in derogation of the provisions of any other law for the time being in force.

(To Be continued)

Naavi

Article1 : Article 2 : Article 3: Article 4

I am happy to announce that a new website www.hdpsa.in has been activated to present the news and views about the proposed “Healthcare Data Protection and Security Act”. (HDPSA).

This HDPSA is similar to HIPAA of USA and is expected to bring in enormous change to the lives of Health Care professionals including Hospitals, Pharmacies, Medical Practitioners as well as all IT Companies who have an exposure to Indian hospitals and healthcare operations.

We all know that HIPAA and later HITECH Act stimulated the US economy and brought long term benefits to the IT industry though they were actually meant to benefit the Health Insurance sector. Even in India it is expected that the IT industry in general will benefit from this law.

The law is presently being considered by the Ministry of Health and Family Welfare.

We are aware that earlier attempts to bring in an omnibus Privacy law in India has not been successful. But this time the sectoral law on Healthcare privacy should go through. However we donot know the time line at which the law may get implemented. It would be no surprise if it takes an year or so for it to be notified.

However, for somebody who has been actively involved in HIPAA compliance in India, the undersigned has always highlighted that ITA 2000/8 made the provisions of HIPAA almost a standard for Indian Health Care industry. Many Indian companies therefore adopted the principles of HIPAA privacy and security mandates though they did not have exposure to US health information.

Now it becomes imperative for Indian Health Care companies to follow almost the same standards as are imposed in USA for Covered Entities and Business Associates in USA.

Though this is good news for privacy advocates, the financial and administrative burden on the companies will be significant and having observed the attitude on “Compliance ” of Indian companies over several decades, there would be every attempt made by the industry to postpone the inevitable.

We need to await the final law to really understand how the enforcement mechanism will shape up since this alone will let us know how the law will progress in terms of adoption.

But having driven the ITA 2000 compliance for the last 16 years, it is natural for the undersigned to pick up the HDPSA compliance as an important area of my activity. Obviously it starts with awareness building which the website www.hdpsa.in should do and will be followed by the consultancy for conducting gap analysis and implementing necessary mitigation efforts to achieve a reasonable level of compliance.

I wish the Government keeps in touch with the experts in the field at the time of designing the law itself so that there will be less need for us to be critical of any provisions subsequently.

It is expected that a forum of interested experts will come together under the website and try to provide guidance to the Government whether solicited or not.

I therefore invite participation of professionals in this activity first by contributing their views in the form of articles on the website.

Naavi

The RBI directions of September 29, 2016 on Aadhaar based authentication for Card Present Transactions is yet another intiative taken by RBI to improve the security of Card transactions and reducing the fraud possibilities.

The policy reiterates and sets a deadline of January 1, 2017 by which the Card present transactions should be equipped to be authenticated with biometric and aadhaar identity.

This would require some additional efforts at the POS points and switching of the instruments to the new versions equipped with biometric verification and connectivity to enable aadhaar verification.

The advantage is that while the EMV Chip and PIN based authentication is now fortified with the biometric of the card owner preventing even the family members of the card owners using the card on behalf of others.

The downside to the new practice is that the biometric information of card users will get transmitted through the various POS systems and along with the card data, could pose a security risk. Mitigating this risk requires a serious effort on the part of the Banks to educate their merchant customers and also ensure proper security measures at the POS points.

Naavi

The UID or the Aadhar started as an ID that could separate Indian Citizens in border areas from illegal migrants and serve the national security purpose.

Subsequently, it has become a project to provide a control mechanism to reduce pilferage in Government subsidies reaching the target citizens.

When the system began the only concern about Privacy in Aadhaar was about the collection of “biometrics” and its possible misuse. Arguments were both on the technical issues of false rejections and positives as also the use of unreliable vendors who could steal the biometric data either at the time of creation or when it was in storage.

Government brushed aside the objections and went ahead with linking the Aadhaar with the Banking information of an individual extending the privacy concerns to the financial information.

Presently we see that KYC system in Banking is completely dependent on the Aadhaar number being provided as a “Photocopy of the Aadhaar document” which exposes all the parameters attached to the ID (except biometric) in the form of a paper document. Similar paper documents are available with Gas dealers, Mobile Companies, schools and many others who may have little understanding of the meaning of “Privacy” let alone the legal concept of “Privacy Protection”.

To this risk of biometric and financial information being combined and spread all over in an insecure manner, we are now adding the healthcare information since the UID is set to be the “Universal ID” to be associated with patient information in the proposed HDPSA (HealthCare Privacy and Data Security Act).

Though the details of the proposed act are not yet available, the document which the Government of India (Department of Health and Family Welfare) released for public comments in 2013 on the “Electronic Health Standards of India” contained detailed guidelines on what the Government intends to do.

This Circular which was released earlier gets a new life with the recent public announcement that a “Draft Health Care Privacy and Data Security Act” is now under the consideration of the Government. We should logically presume that many of the suggestions made in the earlier circular will be adopted in the new Act as and when it becomes a reality. Afterall the circular was founded on a time tested framework adopted in US under the HIPAA in 1996 which carries to date.

According to the circular, the standaridization of healthcare information collection, storage, transmission and processing will adopt a system of using unique IDs for every patient, every medical practitioner, every hospital, every pharmacy, along with adoption of medical codes for diseases, procedures, health encounters etc.

In this process the circular speaks of “UHID” which is the Unique Health Identifier to act as a Patient identifier, for which UID will be used in all EMR systems.

This would now mean that Aadhaar details will now be available in all hospital records of the patients and gets integrated with the Bank details and the associated biometric data.

In principle there is nothing wrong in adopting this nationally unique ID which integrates a person with health and financial data. However this raises the issue of how the information security is handled by all the entities who may have access to any one of these fundamental parameters.

The Information Security community which deals with the sensitive personal information in electronic form as well as the physical security community in health care organizations where the sensitive personal information is available in the form of paper, will now need to devise their strategies to upgrade their security arrangements.

The needs in “Hospitals” which includes the neighborhood clinics and other health care entities such as pharmacies need to start their learning of the principles of Privacy.

I am not sure if the medical colleges teach Information Security and Privacy as a part of their curriculum in the MBBS and Pharmacopoeia qualifications. If not it is time the students of medicine are exposed to information technology and related issues of Privacy in the coming days.

Naavi