Cyber Crime in Auto Meter Tampering at Bangalore

Posted on October 15, 2014 by Vijayashankar Na

A Kannada TV Channel namely BTV News channel has reported a sting in which the tampering of auto meters has been discussed in great detail.  A TV debate has been presented today ( 15th October 2014) where the issue is being discussed.

One of the views expressed by panel members is that legal action should be taken on manufacturers of tamperable meters as well as the mechanics who tamper the meter and the drivers. Panel members are also expressing regret that the law is not stringent enough and even when caught the persons responsible are getting away with fine of Rs 500/- or less.

The news report is showing how chips are being introduced in the digital meters so as to make it run faster than what they should. It is being reported that around 1 lakh meters in Bangalore are susceptible to tampering and not less than 50% of these have already been tampered with. Such autos are estimated to be over charging about Rs 10-15 for each trip. The loot therefore is estimated to be around Rs 20-30 lakhs per day.

The TV debate is also presenting one of the meter manufacturer who claim that his meter is tamper proof but there are other meters in the market which are tamperable and the Government has not shown any inclination to encourage the use of tamper proof meters.

Considering the enormity of the problem, it is necessary to clarify that tampering of digital meters is a Cyber Crime and falls under Section 66 of Information Technology Act 2000/8. It is also an offence under IPC as “Assistance to Cheat”. The punishment under Section 66 is 3 year imprisonment and fine upto Rs 5 lakhs. It is therefore stringent enough to send shivers to drivers.

Hence it is not correct to say that the law is not strong. Perhaps the Police is not interested in applying strong laws. Also the traffic police may not have adequate exposure to cyber laws and hence have never thought of invoking the law.

While the tampering mechanic is directly responsible for  causing the electronic system (Digital Meter) to behave in a manner it is not intended to and therefore liable for Section 66, the driver would be also equally liable since he owns the meter and commercially benefits by the tampering.

Unfortunately it may be difficult to make the manufacture of the tamperable meters liable. But the Government may try to encourage tamper proof meter manufacturers and ensure that other meter manufacturers fall in line.

I hope the Police Commissioner in Bangalore will explore how ITA 2000/8 can be applied in all cases of Meter tampering .

Naavi

Posted in ITA 2008 | Leave a comment

Flipkart Big Billion Sale and E Commerce Regulation

Posted on October 15, 2014 by Vijayashankar Na

There was an article in DNA today titled “Flipkart’s Big Billion Day paves way for e-comm regulation” drawing attention to the possibility of a new E Commerce Regulation.

Naavi.org strongly opposes this attempt to tie down E Commerce in a new regulatory framework. Presently E- Retailing is under the same regulation as Brick and Mortar Retailing (BMR) except for the fact that communications between the consumer and the retailer occurs in electronic documents which are regulated by the provisions of ITA 2008. (Information Technology Act 2000 as amended in 2008).

While the BMRs have been miffed by the grand sale achieved by Flipkart on October 6th, they have no right to speak on behalf of the E Consumer.  The apology of the Flipkart promoters was to the  E Consumers and if there are any issues regarding customer service it is some thing that the consumers need to sort it out with Flipkart.

All India Dealer’s Association has no role to poke its nose in the matter. At best it is the Consumer Rights organizations (Only those who understand E-Consumer Rights) can stand up and make a comment.

It is my personal observation that Flipkart has been handling consumer complaints fairly efficiently by following an easy return policy in case of disputes. In terms of delivery they are super efficient. Hence their consumers donot have much of complaints.

On the Big Billion day there could have been problems arising out of early sell out of super discounted offers because there could have been such a demand. We often see such sell outs in the case of high demand limited supply products such as airline tickets, cinema tickets, cricket match tickets etc. Consumers will take these disappointments in their stride.

If there have been booking of such orders, money received and subsequently cancelled for wrong reasons, they can be checked through an E-Audit of transactions.

Recently I had such an experience in Amazon.in and I did voice my displeasure since they had collected payment. However they refunded within the next 48 hours and hence the response was not wholly unreasonable. As  consumer I would have been happy if they had added a small discount coupon for my next purchase to reduce my disappointment but Amazon.in did not have such vision. I am not aware if Flipkart had similar instances and if so, whether they tried to provide any such incentives to keep the dissatisfied customers happy. As a Netizen Consumerist, I would fight for such benefits rather than complaining that Flipkart gave huge discounts.

Brick and Mortar retailers should also recognize that special day sales are not uncommon in the physical society in the form of Exhibition sales, Clarence Sales or Diwali, Dussera, New Year sales etc.  Consumers throng the shops on those days  some times creating stampedes requiring Police to intervene and maintain law and order.

Has the Government intervened in such cases and questioned the discounts offered? If not why should Government be worried about the Flipkart sale?

Brick and Mortar retailers have to also remember that their markets are distinctly different though some overlap cannot be ruled out. If Competition act has to be invoked, the interested stake holders are other online retailers such as Snapdeal or Amazon and not the members of the All India Dealer’s association.

If the All India Dealer’s Association uses its political contacts with BJP try to interfere in E Commerce legislation, it will be a tragedy and a big blow to Narendra Modi’s vision of Digital India.

The All India Dealer’s Association as well as the Brick and Mortar Retailers should realize that they have certain strengths of their own which actually make them more powerful than the E-Retailers. In fact it will be a travesty of truth if we consider that “Flipkart” enjoyed  a “Dominant” status and hence comes under the ambit of unfair trade practices.

If the Brick and Mortar traders so desire, they can always have an E-Tailing division so that they can enjoy both the online and offline trading opportunities. If they fail to do so, it only indicates that they lack the necessary business acumen and they cannot expect regulation to support their inefficiency.

Observers of Internet are aware that when Amazon developed itself an online book seller, it did put other leading offline book stores into reverse gear. It took some time for Barnes and Noble and others to accept the changes and devise their own strategies to survive and grow.

We are seeing similar developments in the  Retail sector in India and this should not be curbed by any special legislation.

Present legislation on unfair trade practices as well as frauds when read along with ITA 2008 are adequate to deal with any E-Retail regulation issue.

Naavi

Also Read: Flipkart Success invites jealous backlash

Posted in ITA 2008 | 1 Comment

Flipkart Success invites jealous backlash

Posted on October 14, 2014 by Vijayashankar Na

Just at a time when Prime Minister Mr Modi is speaking of Digital India and promotion of E Commerce, vested interests have raised their ugly head in attacking the E Commerce industry.

Just as the success of Amazon as a book retailer shook up the industry more than 15 years ago, the Big Billion day sale of October 6th, successfully conducted by Flipkart  has shaken up the Brick and Mortar Retail industry. The sale is reported to have achieved a massive Rs 600 crore sale in just 10 hours. No doubt there were issues of early sell out of discounted products and disappointment to many. But at the end of the day, Flipkart managed to create a record breaking sale.

Initial objections came from physical society retailers who felt that their right to fleece the consumers was usurped by this new entrant. Objections were raised on the heavy discounts offered.

While it is natural for business competitors to raise objection, the news that the Enforcement Directorate has started an enquiry raises doubts whether the distraught retailers have used their dirty influence on the system to harass the online retailer.

In the past there have been instances of heavy discounts on Diwali or New Year sales by offline retailers. There have been massive rush and law and order problems in some such sales. At that time  there does not seem to have been any action by ED. It is surprising that regulators are now seeing some foreign exchange violation and possible violation of  multi-brand retailing regulation etc.

It is possible that ED may fish out some irregularity and justify their stand in due course. But the damage they will do and what they might have already done to E Business in India is enormous. Now Snapdeal in which Tatas have an interest as well as Amazon and others will have to re think on the future strategies of E Marketing in India.

I hope Mrs  Mrs Nirmala Seetharaman and Mr Modi will look into the issue and nip this motivated action of offline retailers in the bud.

Naavi

Posted in Cyber Law | 1 Comment

Will Axis Bank Explain?

Posted on October 11, 2014 by Vijayashankar Na

Naavi.org recently was informed of a bizarre instance involving Axis bank and ATM transactions. This incident is a matter of serious concern to all Axis Bank customers and hence we would like to bring this to the notice of all including Reserve Bank of India.

I am reproducing verbatim a comment posted by one Mr Sharad Updhyay about his experience in an ATM in Gurgaon for one of our earlier articles titled “Axis Bank ATM license should be cancelled by RBI

“Recently I tried withdrawing Rs. 2000 using my IDBI Debit card from an AXIS BANK ATM based at Sahara Mall, Gurgaon. The ATM asked me if I want a receipt for the transaction. I opted yes, the transaction was automatically aborted. Wondering what happened to the ATM, I tried again and again (with option “Yes” for transaction receipt) – a total of 5 times, but encountered the same problem everytime.

Meanwhile I noticed that another person who opted “No” for printed receipt was able to withdraw money from the same machine. I followed him – went ahead for withdrawal without transaction receipt, and this time machine dispensed the desired amount i.e. Rs. 2000.

Next day I noticed that my IDBI account was debited twice: first for a sum of Rs. 10000, and once again for Rs. 2000 (which I actually withdrew there). I was wondering what made the ATM cause a debit of Rs. 10000 in a single go – while I never entered this amount at ATM console.

I raised an official complaint with my bank (IDBI), and they escalated the case on my behalf with Axis Bank, however, Axis Bank rejected my claim – stating that their ATM balancing reports, switch files, and other transaction logs show that Rs. 10000 transaction was carried out successfully, and they do not owe me anything.

At this stage my bank i.e. IDBI has been helpless, and I’m just wondering whom to report this fraudster in order to get my money back. It appears that something fishy is going on there in Axis Bank ATMs with help of CMS (the agency which replenishes cash in ATMs) and the Axis Bank staff itself. How is it possible that there was no surplus sum recovered from ATM for my failed transactions, and how is it possible that an ATM automatically converts 5 subsequent transactions of Rs. 2000 each in to a single transaction of Rs. 10000?

Please let me know what can be done in this case, and how can I get my money back. Also, isn’t there any authority to punish the bank owning such malicious ATMs and ripping off the customers like this?”

First comment I would like to make on this incident is that there is apparent fraudulent mis-management by Axis Bank. It is clear that the ATM has been deliberately tweaked to ensure that fraudulent transactions donot come to the notice of the customer when he is withdrawing the amount.

The responsibility for this fraud lies squarely on the management of Axis Bank all the way up to the Chair person.

The reported incident is a report of possible hacking of a critical computer resource belonging to the Banking system. It represents a cognizable offence under ITA 2008. Mumbai police who closely monitor even facebook “likes”  and go the extent of arresting persons, must be considered as being aware of the occurrence of this crime. They should therefore take suomotu action and register a Cyber  Crime under Section 66 of ITA 2008 making unknown Axis Bank employees as suspects. It should also investigate “Negligence” from Axis bank ATM division and the Chair person for not taking adequate information security measures to protect the ATM transactions.

The Reserve Bank of India at the same time initiate its own investigation and take penal action against the officials of the Bank.

Now coming back to the customer and what he can do.

1. Normally  money fraudulently debited to the account should have been reversed immediately on filing of a complaint with the Bank.

2. IDBI Bank cannot absolve itself of its responsibility since they have used Axis Bank as it’s agent and hence they are responsible for their client’s loss.

3. Customer need not go to the Banking Ombudsman since that is a sham run by RBI and most Ombudsman are biased in favour of the banks and simply reject the claim with a further proviso that you cannot appeal to RBI.

RBI is aware that the scheme is a sham and yet has not shown any interest in correcting the same. This is not a reflection on the Banking Ombudsman in Mumbai but a general reflection on the scheme and how it is run.

 If possible I advise the customer to personally meet Mr Raghuraman Rajan, the Governor of RBI and check why he is not considering himself responsible for running a secure banking system.

 4.The customer is fortunate to be in Mumbai where the IT Secretary is one Mr Rajesh Aggarwal. He is also the “Adjudicator” under ITA 2008. For any financial loss arising due to contravention of any of the provisions of ITA 2008, in Mumbai, he is the sole authority having judicial powers to conduct an enquiry and award a compensation.

I advise the customer to make an adjudication complaint to him immediately. If he remains in office for some more time, he will definitely give him justice.

However, since Maharashtra is likely to have a change of Government soon and it is customary to shuffle secretaries if a new Government comes, it is possible that this great officer who is upholding justice under ITA 2008 like no other IT Secretary in India may be shifted out.  Hence the customer should at least get his complaint registered before any such change occurs.

5. It would also be better if a complaint is filed with the commissioner of Police, Mumbai against the officials of IDBI Bank and Axis Bank  for running a fraudulent ATM system and causing loss to you. The customer should not fall into the trap of filing the complaint against the unknown fraudster who might have drawn the money. That person will never be traced since IDBI bank is unlikely to have maintained the CCTV footage or other evidence that may be required for this purpose. Police and Banks will try to hold that only that unknown person is responsible and no body in the Bank is responsible. This is a way of driving the complaint to a dead end. For the customer it is always a transaction with the Bank and hence should hold the Bank alone responsible.

The Police complaint should also mention that RBI has been negligent in enforcing ATM security and is also responsible for pushing customers to such frauds.

If necessary, the customer may take the assistance of a Consumer activist to pursue the complaint.

It may appear that  the money lost may not be substantial and hence may not be worthy of the trouble of complaining. It is this attitude of most of us that emboldens criminals to resort to this type of small ticket frauds which we refer to as “Salami” attacks. It is our duty to bring this to public knowledge and wake up regulators like RBI to remind them of their responsibilities.

In the meantime, I demand that Axis Bank makes an official statement about this incident.

Naavi

Posted in Bank, ITA 2008, RBI | Leave a comment

New Version of Android Virus hits India

Posted on October 10, 2014 by Vijayashankar Na

It is reported that a new version of the Android virus “selfmite” has appeared in the wild. The virus sends SMS messages to all the contacts with a hyper link which if clicked will install a malicious app.

Details are available here

It appears that the virus uses shortened URL service of GoDaddy and can be re configured remotely to change the URL.

At present the virus can spread only through the clicking of the URL in an SMS.  The users should therefore be vary of clicking on any URL even if it is part of an SMS from a friend.

The threat hurts the use of a mobile for browsing internet and can seriously affect the plans unveiled recently by Face Book founder to make certain basic internet services free from the face book applications.

Industry should ensure that mobile anti virus systems are strengthened to prevent such viruses.

Naavi

Posted in Cyber Law, ITA 2008 | Leave a comment

Concurrent Civil and Criminal Cases

Posted on October 9, 2014 by Vijayashankar Na

Recently, I came across an article on the web discussing how a criminal conviction or trial proceedings can produce evidence for a civil compensation. (Related Article). This was regarding a proceeding in Canada. The points raised here appeared to be relevant in India in Cyber Crime cases and hence the following comments can be made.

In many of the Cyber Crime Cases we come across a Civil and Criminal dispute being tried in different fora simultaneously. For example, the Police may pursue a bank fraud case while the victim may invoke Adjudication under ITA 2008.

Normally, a criminal case takes a longer time and a stronger evidence (Beyond Reasonable Doubt) to result in conviction. But a civil proceeding under the special provisions of adjudication and Cyber Appellate Tribunal (CAT) can be completed much quicker. Also these judicial process in adjudication being of the enquiry commission type, it is more victim friendly.

Though victim compensation can also be provided by a criminal court, traditionally the criminal courts in India are reluctant to go deep into evaluation of financial compensation which may involve opportunity loss or gain, interest and litigation expenses etc. (There could be exceptions such as the recent prevention of corruption case of J Jayalalitha where the session’s judge did take the trouble to make proper estimate of the wrongful gain the accused might have made). Also the criminal cases are pursued by the state and the public prosecutors and the victim’s interest may not always be a priority.

Hence where a civil remedy is separately available, the victim   always prefers to explore such alternate remedies. This is mostly true in Cyber Crime cases.

It may be recalled that in the land mark Umashankar Vs ICICI Bank adjudication case, the adjudicator’s verdict was that the Bank was liable for paying compensation to the victim for the fraudulent loss suffered by him. At the same time Tamil Nadu police was (and is) pursuing the criminal case against the identified ultimate fraudster. An issue was raised by the undersigned with the Tamil Nadu police that it should pursue the case of criminal negligence and complicity by ICICI Bank and its officials in the light of the positive findings of the Adjudicator.

However, TN police hesitated and did not proceeded even to conduct a proper enquiry and take up investigation against any of the officials of the Bank.

At least in future, Police should take advantage of the availability of an earlier civil compensation verdict where it is relevant.

Of course this argument would not apply to Karnataka where the IT Secretary acting as an adjudicator has actually jeopardized the system of criminal justice also by holding in effect that Section 66 of ITA 2000/8 cannot be invoked by a Corporate victim nor any person can invoke Section 66 on a Company. This can also extend to many other sections of ITA 2000/8 and make the act completely redundant in the State.

Unfortunately in the absence of an operating CAT, the decision of the Adjudicator remains a precedent since more than 2 years. It is disappointing that the judicial authorities such as the Karnataka High Court and the Administrative bodies such as the Government have not yet observed the highly undesirable criminal justice system that is now prevailing in Karnataka in the domain of Cyber Crimes on account of this decision. As otherwise they would have taken proactive steps to correct the same.

Karnataka Government now has on its hands the opinion of the Law department as well as the Cyber Crime Police that the subject decision of the Adjudicator is not correct but is yet to take a proactive action to correct the situation. Mr Siddaramaiah the honourable Chief Minister of the State is himself a law graduate and can personally appreciate the correctness or otherwise of the decision without any expert opinion but unfortunately the matter has not yet come to his attention.

The Karnataka Judiciary which covered itself with glory in the J Jayalalitha case would do well to bestow its attention on what Naavi.org has been stating time and again that in the absence of a corrective action, the said decision  has renedered Karnataka a “Cyber Crime Haven”.

Let this Diwali shed light on the situation and some positive action by the Karnataka Government and or Karnataka High Court.

(Details of the Adjudication Decision referred to here is available in several earlier discussions in this site: Plight of Cyber Crime Victims in Karnataka:: Will the CM of Karnataka respond?)

Naavi

 

Posted in ITA 2008 | Leave a comment