Naavi.org

Of late, Section 65B of Indian Evidence Act is under focus in the Judicial and Law Enforcement circles. In this context, Naavi has put across his views on the section and how it needs to be understood in the above video available on You Tube.

The main points that Naavi makes here are

a) Section 65B (as well as 65A) of Indian Evidence Act refer to the special provisions of the Act in respect of Electronic Documents. Though Section 65 is referring to “Secondary” documents in paper form, there is no such distinction made as to the electronic document.

b) There is no need to distinguish Primary and Secondary and all documents need to be interpreted by a human being which takes the form of a Section 65B certificate.

c) A “Hard disk” which may contain an electronic document also cannot be considered the “Primary Document” since it is only a “Container” and the real Electronic document is an expression in binary language which cannot be read by a human being and needs to be interpreted with the assistance of a binary reading device (Computer + operating system +Application)

d) Section 65B explains the conditions under which an electronic document can be considered as “Admissible” in a Court as a “Document” and it needs to be suitably confirmed for the Court to accept the document, which is often termed as “Section 65B certificate or Statement”

e) Section 65B refers to a process of producing a “Computer Output” of the electronic document which is the evidence to be admitted and such computer output can be either in the form of a “Print Out” or a “Copy”.

f) There is a “Process” by which the electronic document becomes the “Computer output” and Section 65B identifies this as the subject activity which needs to be conducted by a person having lawful control over the computer producing such output and that during the period of such production, the Computer should be working properly etc.

g) The focus of Section 65B is the activity of conversion of the electronic document residing inside a system which can be seen by an observer into a “Computer Output”.

h) The other clarifications contained in the Section 65B such as that the the Computer Output could be produced by a combination of computers, acting in succession etc are relating to dynamic creation of an electronic document from a data base and routing it through multiple devices onto a final visible form in the computer of the observer and thereafter its porting into a Printer.

i) Considering these interpretations, the Section 65B certification is a “matter of fact” certification to the effect that “What I saw is what I reproduced as a computer output faithfully” and this can be done by any person who is observing an electronic document in his computer and wants it to be produced as an evidence. It is not necessary that a document from yahoo website has to be certified only by a Yahoo server administrator. Similarly, a statement of account downloaded from an ICICI bank website need not be certified only by the ICICI Bank manager but by any person who can lawfully access the document in electronic form.

j) There is also an important distinction that “Content Owner” is different from “Content Viewer” and Section 65B is meant to be produced by a content viewer. On the other hand the content owner in respect of say a Bank statement is the official Bank manager and he can provide a print out as the owner of the content who understands the content and is considered as an “Expert” in the domain. Any body else who views the document provides a Section 65B certificate that  the print out (or a soft copy) is a faithful reproduction.

It is very important that the legal fraternity and the Judiciary interprets the section properly. Any interpretation that only a “Server Administrator” can provide a certificate under Section 65B is considered incorrect. The server administrator can however provide the certificate but it is not mandatory. The Section 65B certifier is like a photographer who captures a photograph of an event and confirms the process of taking the photograph though he may not be aware of who is there in the picture and what they are doing. It is left to other “Experts” to interpret the “Content” and impute meaning as only a subject matter expert can do.

The undersigned has been running the Cyber Evidence Archival Center (www.ceac.in) since 2002 and has produced evidence under Section 65B certification in many legal proceedings. The first case in which an accused was convicted under the provisions of ITA2000 namely the State of Tamil Nadu Vs Suhas Katti happened in 2004 and in that case, the undersigned had produced a print copy of an electronic document which was then present in yahoo server with the appropriate certification. It was accepted and the accused was convicted.

In that case, the undersigned was also examined an “Expert” since as a part of the certification, he had also interpreted the IP address visible in the document as belonging to a specific ISP in Mumbai etc.

The current interest in the Section 65B has come because of the Supreme Court making a mention recently about the need for such certification whenever an electronic document is produced as evidence.

It is however felt that it is necessary for all the Courts to have proper understanding of the Section since otherwise mistakes can occur in acceptance or rejection of electronic documents in Courts.

The embedded video in YouTube contains the above discussion.

I welcome any counter views for debate.

Naavi

(For a Copy of Section 65B of Indian Evidence Act, s or Browse through Schedule 2 (in the left menu) of ITA 2000 available here: 

When a customer uses a debit card online, the card payment is authenticated by a system of payment gateways and money transferred from the card issuing Bank to the Merchant so that the Merchant can release the service. Normally the authentication happens instantly and the customer can avail the service without any delay.

However, there could be occasions when the authentication process encounters technical problems such as lack of connectivity and the authentication may fail. In some cases, the bank account is not debited and the Merchant also has received the payment and hence the customer may re-try the payment and complete it.

Occasionally the amount gets debited from the Bank account but the Merchant reports non receipt of money. In one of the recent instances the undersigned encountered, the merchant even issued an invoice confirming the completion of the transaction but when the subject service did not come through and I raised a query,  indicated that the authentication had failed.

This could mean that the Merchant is lying in which case it is a question of fraud.

It is also possible that the authentication was first confirmed and then reversed by the agency responsible for authentication. This could be a correction of a mistake or a result of a bug. The responsibility however lies with the Card issuing Bank.

If the authentication is through in the first instance and the Merchant releases the service it becomes a dispute between the Merchant and the Card issuing Bank. If the service is not delivered, the customer has a double jeopardy. He loses the execution of the service and if it is a time sensitive transaction, he may suffer a real and substantial loss. Additionally,  the customer would have to fight for refund with the Bank.

In the recent transaction which the undersigned encountered, though the Merchant who had issued an invoice confirmed after a delay of about a day that the transaction had failed, the Bank has refused to provide the charge back instantly.

They have suggested that the charge back may take upto 36 days.

As a customer, this means that I will be denied of the service and the money for 36 days. If so, the question arises about who enjoys the money during this interim period.

We all know that Banks work under an opportunity cost of about 3% per month and it therefore enjoys the wrongful gain of 3% per month until the amount is reversed back into the account of the customer. Since we can expect that there could be lakhs of failed transaction at any point of time it appears that a substantial amount of money of umpteen customers lie with the Bank as “Unsettled” amounts. Though the individual amounts may be small, collectively it may be substantial.

 If the Card is a Credit Card and the customer is not vigilant, the amount would be debited to the account and interest charged there on in the usual course of accounting. If it is a debit card, it will deny the customer of interest for say upto a month on the SB account when the amount is debited even for a day.

I have therefore requested the RBI to clarify their own views on how such float monies are accounted for by the Banks.

I have also asked RBI to let me know an estimate of such float but it is possible that RBI may not have such data.

I have also asked for clarification from the Card issuing Bank and the Merchant who are yet to respond.

I request visitors to let me know if they have come across similar experiences.

Naavi

After the incident in which a Corporation Bank employee was assaulted in an ATM in Bangalore, there was some discussion on provision of additional security at ATMs. Police said that it was the responsibility of the Banks and Banks said they cannot afford to post guards at all ATMs.

Ultimately, banks started charging more for ATM transactions to cover the additional expense but did not provide any additional security….

……They cheated the public and RBI allowed them to cheat.

Now, an incident has been reported from the Electronic City which indicates that there is a mafia that is working to rob customers at ATMs. I reproduce the information posted by the victim in another forum for public information.

The Free Basics debate in India has reached a crescendo and there is lot of confusion surrounding the service launched by FaceBook in association with Reliance and the consultation paper which TRAI has released on “Net Neutrality”.

It appears that the debate of Free Basics and Net Neutrality getting inter connected and hence the public are finding it difficult whether they should respond to the TRAI consultation paper or not.

It is obvious that Free Basics is an advantage to Reliance and therefore could be a disadvantage to other mobile service operators.  Hence there is a business interest involved in opposing the Free Basics which needs to be factored into the analysis.

As far as the consumer is concerned, Free Basics brings to them certain content services for which data is not charged by the mobile service provider.

The user may be a farmer who is looking for some agricultural information or a cricket enthusiast who is looking for CrickInfo scores or a student who is browsing through some academic information.

It is true that at the same time when content offered through Freebasics comes without data charge, similar content outside the platform of Free Basics is charged. to that extent, the “free service” is more attractive than the “Paid service”. Hence some consider this as affecting “Net Neutrality”.

Some time back, some service providers tried to introduce schemes whereby they wanted to give certain premium services free on the mobile by collecting money directly from the beneficiary companies. This was opposed and the proposal was dropped under the consideration of “Net Neutrality”.

The Free Basics however has structured its services differently. Firstly it has presented itself as a “Platform” and any content provider may apply to be part of the platform provided he follows certain content guidelines. As long as this is not discriminatory, there should be no grounds to object. It appears that the present guidelines may favour basic content providers and not fancy websites and e-commerce sites and this is an acceptable criteria so that the data element is kept thin.

As long as there is no discriminatory exclusions, the system may be considered as equitable. In India we are used to “Reservations” of various kinds. Activists who worry about “neutrality” may also address if there is neutrality in the provision of basic services in the physical world, before raising their voice on the free internet that may become available to a limited extent as a result of Free basics.

It is understood that the Freebasics content would pass through a proxy server of FaceBook which will collect some user data which is the value proposition for FaceBook.  Though some privacy concerns can be raised on this account, the user himself may not be much worried on this account. Reliance may have increased clientele and also some reverse benefit from Face Book to offset the cost of data that it foregoes. This is a business strategy that is not objectionable per-se.

The low income mobile user may look at this as an opportunity to get some free Internet on the mobile just as the concept of ad supported free internet which was prevalent in the early eighties.

Today every business operator including Google collects information from users and uses it to its business advantage. Some of them may throw back free services to attract more customers since the value of data that the users bring in more than offsets the cost of the service itself. Even Gmail may be running on this principle.

Hence blaming FreeBasics only for the fact that it is making the life of the business rivals more difficult is perhaps incorrect.

On the otherhand, the rival telecom providers can consider collecting their own content packages and deliver them free through their services so that they donot lose their business. Nothing prevents Airtel from providing cricbuzz scores free or Telegram service free of data charges to counter Freebasics-Reliance offers.

The competition may actually benefit the general consumer.

What TRAI has to ensure however is that

a) Free Basics platform is open to all under a public technology based guideline

b) No content provider is discriminated against arbitrarily

c) Other service providers may be encouraged to introduce content packages with their own set of content providers

The net effect of the above is that basic information available on the internet may become available on the mobile without specific data charge. All other services will come with data charge like a premium service.

This may be good to reduce the digital divide and benefit the society in the long run.

Naavi

The Standing Committee of the Parliament on Information Technology has released its observations and recommendations as submitted in the Parliament on 21st December 2015. Some of the salient features relevant to the public are discussed here.

Copy of the report can be accessed here

On Scrapping of Section 66A

The Committee has taken note that the Government expressed that it welcomed the decision of the Supreme Court in scrapping Section 66A since it supports “Freedom of Expression”.

With this the Government and the Committee has endorsed the erroneous decision of the Supreme Court without recognizing that Section 66A in no way addressed the “Freedom of Speech” issue but only addressed a “Message” between two persons using a communication device or an e-mail not to be threatening, harassing, causing annoyance, etc. The section which addressed several cyber crimes including cyber stalking, cyber bullying, phishing etc was thrown out by the Supreme Court under the wrong interpretation of law as it existed. Instead of opposing the decision, the Government surrendered to the erroneous decision and the Parliamentary committee ought to have pointed out this poor decision by the Government.

The Committee says that it would await the further action of the Government in this regard.

Further Amendments to ITA 2000/8

The committee has taken note that the Government has set up an “Expert Committee” under the chairmanship of Shri T K Vishwanathan who incidentally was the person who drafted the ITA 2000, to study and examine the existing domestic cyber laws and International cyber legislations and recommend a road map with measures and amendments to the present laws for consideration of the Government.

Committee also noted that the Home Ministry has set up another “Expert Committee” to prepare a road map for effectively tackling the Cyber Crimes in the country and give suitable recommendations on all facets of cyber crime.

Presently public are not aware of the “Experts” in this group. In the past, the “Experts” were mostly those who were close to the bureaucrats of MCIT and it was a cosy club of Delhi ites. Hope the Modi Government does not fall into the same routine.

The Committee has suggested that these two committees need to report the progress to this Parliamentary group. Hopefully the Committee would ensure that the two committees work in tandem and address the issues arising out of IOT, Big Data and other developments.

What the Parliamentary Committee Failed to do

Though the committee made a reference to the beta release of the “Digi Locker” scheme and cautioned the Government on security risks, the Committee has not recognized the points made out by Naavi.org in the past indicating that the Digi Locker Scheme and the CCA’s e-Sign notification appear non compliant with the existing ITA 2000/8. Naavi.org has also pointed out that the Karnataka Government passed a Bill on e-Governance which was contrary to ITA 2000/8. Such blunders of the Government were not recognized by the Parliamentary Committee and it appears that the secretariat has not made adequate research on the subject.

It is hoped that the Parliamentary Group headed by Mr Anurag Thakur will get better information from the market before it’s next report. The responsibility for such research should be boarne by the secretariat consisting of Shri K.Vijayakrishnan, (Additional Secretary), J.M.Baisakh (Director) and Dr Sagarika Dash (Deputy Secretary). I wish these executives peruse some of the points made out in Naavi.org in the past before advising the Parliamentarians. The report does not contain the contact details of these gentleman and I hope some reader will forward a copy of this note to them.

Naavi