Invitations from unknown persons in LinkedIn or Face Book or other sites are considered potential risks since accepting such invitations could lead to downloading of dangerous viruses.
Even if the invitations appear to come from friends it is unreliable since it could be spoofed email.
It is better to delete such emails and go direct to your linked in or Facebook accounts and accept invitations from your inbox there… Related Story
Facebook has started an test for delivering messages to Facebook users from people other than public against payment of money. Refer here
I see an advantage in the service to deliver legal notices to the Facebook users who might have committed offences such as creating a fake profile etc. At present such notices have to be routed through Facebook. Even if only this business is considered (Which is price insensitive), Facebook is likely to generate good revenue from the proposed service.
Instagram is a service which is supposed to make sharing of mobile pictures on Social networking sites easy. However the privacy rules attached to the service had raised a ruckus recently as it was felt that the private photographs shared by people on Facebook could eventually be sold for commercial exploitation without the users of Facebook deriving any benefit.
It is now stated that these changes in the Instagram rules have been withdrawn. Refer Here
Some of the news papers today highlighted some statements made by the CM in a meeting of IAS officers with the captions as follows:
Hindu: TN will use Goondas Act to curb cyber crime
Deccan Chronicle: Goondas Act on cyber criminals
It appears that the newspapers have sensationalized the CM’s statement. What the CM intends is that when serious offences are committed under the acts such as the Goondas act using e-mails or social networking sites, they will not go unrecognized because it is an offence on the Cyber Space. In other words, an act which would fall under the Goonda’s Act if committed through electronic documents will be booked by the Police under the respective provisions of the Goondas Act.
Though the CM has stated that law will be amended for the purpose, what may be required is only certain clarifications to be added to the existing state laws if at all it is found necessary. Already offences under IPC are being booked even when they are committed with electronic documents. The same anology will be applicable to other statutes by virtue of the equivalence of electronic documents to written documents under Section 4 of ITA 2008.
I therefore see no need for either a change of law or a need to get excited about the statement.
At the same time we need to recognize that ITA 2008 is a central act and nothing should be done in the State laws which may over rule the central law. However without over ruling the central act, some local laws are amended it may be acceptable though the need for that is not clear.
I would also take this opportunity to draw the attention of the Chief Minister Jayalalitha that TN which was in the forefront of Cyber Crime investigation and prosecution has slipped back in recent days. In particular the Adjudication system which was very active has been neglected. She needs to revive this piece of Cyber Judiciary if she wants to assist people of TN suffering from the effects of an inactive Adjudication.
Also, she has the opportunity to bring the innovation of a separate chain of “Cyber Crime Magistrates” in the State to ensure that Cyber Crimes are prosecuted more efficiently.
I have been suggesting such a set up to various state governments including Karnataka but no CM nor the Chief Justice of the State appear to have recognized this need of the society.
Changing laws where it is not required is not a wise move. But improving the implementation of the existing laws is likely to be more effective. I hope TN Government as well as other Governments move in this direction.
Naavi
In a long pending but welcome move it appears that the GOI has unveiled a Five Year plan on National Cyber Security.
Having recognized the inadequacy of the IND-CERT which is the designated nodal agency for Critical IT infrastructure security under Section 70A of ITA 2008, the Government of India has set up a “National Critical Information Infrastructure Protection Center: (NCIIPC) to coordinate the activities on Cyber Security regarding recognized Critical systems. NIIPC appears to have developed a Five Year Plan for the purpose.
One of the major developments would be setting up of sectoral CERTs probably in sectors such as Energy, Transportation, Banking and Finance, Telecom, Defense, Space, Law Enforcement and Security.
NIIPC will work under NTRO (National Technical Research Organization) and along with the existing Ind-Cert which will handle security in areas not overseen by NIIPC.
In the process NTRO is emerging as the super Nodal Agency for National Cyber Security though ITA 2008 notification still recognizes IND-CERT as the designated nodal agency. This aberration needs to be corrected with an appropriate notification under ITA 2008.
Naavi
European Union is considering mandatory data breach notification by Banks and other critical infrastructure services. A draft proposal to this effect is under consideration.
At present one of the hindrances to Cyber Crime Insurance is the lack of adequate information about cyber crimes. As regards Cyber Crimes that occur within the Banking fraternity, normally the need to maintain “Confidentiality” and “Prevention of erosion of Public Trust” has prevented public announcement of any Cyber Fraud statistics.
In India, Cyber Frauds are to be disclosed mandatorily by Banks to RBI. RBI in turn may some time release statistics in pursuance of an RTI application or otherwise. However most of the times these statistics are not properly classified so that the correct information about the prevalence of Cyber Frauds in Indian banking industry is not known. Various estimates range from Rs 1200 crores per annum to Rs 8000 crores per annum.
Under ITA 2008, GOI once tried to introduce mandatory data breach notification as a part of Section 70B powers. However this seems to have been put in the back burner because of some opposition from the business.
It is time RBI considers revising its Cyber Fraud guidelines to restructure the reporting format and also consider making relevant Cyber Crime statistics public.
PLEASE NOTE:
This website has been in existence since 1998.
Older posts before the site switched to word press are available through the link at the top and here below.
