TN to use Goondas Act to fight Cyber Crime?

Posted on December 20, 2012 by Vijayashankar Na

Some of the news papers today highlighted some statements made by the CM in a meeting of IAS officers with the captions as follows:

Hindu: TN will use Goondas Act to curb cyber crime

Deccan Chronicle: Goondas Act on cyber criminals

It appears that the newspapers have sensationalized the CM’s statement. What the CM intends is that when serious offences are committed under the acts such as the Goondas act using e-mails or social networking sites, they will not go unrecognized because it is an offence on the Cyber Space. In other words, an act which would fall under the Goonda’s Act if committed through electronic documents will be booked by the Police under the respective provisions of the Goondas Act.

Though the CM has stated that law will be amended for the purpose, what may be required is only certain clarifications to be added to the existing state laws if at all it is found necessary. Already offences under IPC are being booked even when they are committed with electronic documents. The same anology will be applicable to other statutes by virtue of the equivalence of electronic documents to written documents under Section 4 of ITA 2008.

I therefore see no need for either a change of law or a need to get excited about the statement.

At the same time we need to recognize that ITA 2008 is a central act and nothing should be done in the State laws which may over rule the central law. However without over ruling the central act, some local laws are amended it may be acceptable though the need for that is not clear.

I would also take this opportunity to draw the attention of the Chief Minister Jayalalitha that TN which was in the forefront of Cyber Crime investigation and prosecution has slipped back in recent days. In particular the Adjudication system which was very active has been neglected. She needs to revive this piece of Cyber Judiciary if she wants to assist people of TN suffering from the effects of an inactive Adjudication.

Also, she has the opportunity to bring the innovation of a separate chain of “Cyber Crime Magistrates” in the State to ensure that Cyber Crimes are prosecuted more efficiently.

I have been suggesting such a set up to various state governments including Karnataka but no CM nor the Chief Justice of the State appear to have recognized this need of the society.

Changing laws where it is not required is not a wise move. But improving the implementation of the existing laws is likely to be more effective. I hope TN Government as well as other Governments move in this direction.

Naavi

Posted in Cyber Crime, Cyber Law | Leave a comment

Five Year Plan on National Cyber Security Unveiled

Posted on December 19, 2012 by Vijayashankar Na

In a long pending but welcome move it appears that the GOI has unveiled a Five Year plan on National Cyber Security.

Having recognized the inadequacy of the IND-CERT which is the designated nodal agency for Critical IT infrastructure security under Section 70A of ITA 2008, the Government of India has set up a “National Critical Information Infrastructure Protection Center: (NCIIPC) to coordinate the activities on Cyber Security regarding recognized Critical systems. NIIPC appears to have developed a Five Year Plan for the purpose.

One of the major developments would be setting up of sectoral CERTs probably in sectors such as Energy, Transportation, Banking and Finance, Telecom, Defense, Space, Law Enforcement and Security.

NIIPC will work under NTRO (National Technical Research Organization) and along with the existing Ind-Cert which will handle security in areas not overseen by NIIPC.

In the process NTRO is emerging as the super Nodal Agency for National Cyber Security though ITA 2008 notification still recognizes IND-CERT as the designated nodal agency. This aberration needs to be corrected with an appropriate notification under ITA 2008.

More Info:

Naavi

Posted in Bank, Cyber Crime, Cyber Law, Information Assurance, TELCO | Tagged , , , | Leave a comment

Banks Should Report Data Breach Incidents

Posted on December 19, 2012 by Vijayashankar Na

European Union is considering mandatory data breach notification by Banks and other critical infrastructure services. A draft proposal to this effect is under consideration.

At present one of the hindrances to Cyber Crime Insurance is the lack of adequate information about cyber crimes. As regards Cyber Crimes that occur within the Banking fraternity, normally the need to maintain “Confidentiality” and “Prevention of erosion of Public Trust” has prevented public announcement of any Cyber Fraud statistics.

In India, Cyber Frauds are to be disclosed mandatorily by Banks to RBI. RBI in turn may some time release statistics in pursuance of an RTI application or otherwise. However most of the times these statistics are not properly classified so that the correct information about the prevalence of Cyber Frauds in Indian banking industry is not known. Various estimates range from Rs 1200 crores per annum to Rs 8000 crores per annum.

Under ITA 2008, GOI once tried to introduce mandatory data breach notification as a part of Section 70B powers. However this seems to have been put in the back burner because of some opposition from the business.

It is time RBI considers revising its Cyber Fraud guidelines to restructure the reporting format and also consider making relevant Cyber Crime statistics public.

 

PLEASE NOTE:

This website has been in existence since 1998.  

Older posts before the site switched to word press are available through the link at the top and here below.

OLD POSTS

Posted in Bank, Cyber Crime | Tagged , , , | Leave a comment

Section 66A is not meant for “Cyber Defamation”

Posted on December 19, 2012 by Vijayashankar Na

Besides other issues confronting our country today, if we restrict our focus to the Cyber Law domain, two major issues are in focus. One is the debate on whether Section 66A of ITA 2008 is constitutionally valid and the other is why the Government of India is keeping the Cyber Appellate Tribunal “headless” since June 2011.

Let’s now take a look at the first of the issues namely the controversies sorrounding Section 66A of ITA 2008.

The debate about Section 66A has comeforth because this section has been repeatedly invoked against “Defamation” which was hitherto being addressed under IPC. Section 66A has become a principle weapon against “Defamation” whenever content posted on websites or social media have been a subject of controversy.

The issue has assumed importance since the invoking of Section 66A which prescribes a possible punishment of 3 years and considered “Cognizable” (though “Bailable”) has caused immediate arrests of persons who posted the content found unpalatable by influential persons in the society. This did not happen whenever Section 499 of IPC was invoked.

This unholy trend of using Section 66A to address what otherwise should be addressed under Section 499 of IPC started with the case of E2-labs Vs Zone-H.org and has been haunting the community since then. In this case the complainant who had a commercial dispute with the respondent who had posted allegedly defamatory information on a website moved the Delhi High Court for “Blocking of the Website” but citing the provisions under Section 66A.

Unfortunately Court issued an “Interim Order” blocking the website and paved the way for using Section 66A for “Internet Censorship”. This decision was not a decision based on the merits of the case but was based on the prayer for interim relief pending hearing of the case. Since the defendant was a foreign person not interested in fighting the “Blocking of the website”, the decision remained unchallenged and resulted in an indefinitely permanent order to block the website.

Historically this would be considered as the beginning of Internet Censorship in India.

Had the Court considered the E2 Labs complaint on merit it would have probably dismissed it with an appropriate interpretation of Section 66A that it is meant for issues related to “E-Mails” and “Messages” and not “Publishing” of “Content”.

If so, it would have perhaps held that Section 66A was not meant to over rule or even supplement Section 499 of IPC which is applicable for “Defamation through Electronic Documents” when Section 499 of IPC is read with Section 4 of ITA 2008 (legal recognition of electronic document as equivalent to paper document). In the process the Court would have clarified that “Message” is different from “Content”, Message is a one to one communication where the addressee may be bombarded with persistent irritating communication which may cause annoyance where as “Publication” causes defamatory effect when exposed to public.

Under ITA 2000/8, offences regarding “Publication” and bulk “Distribution” are addressed under Section 67 and not under Section 66A but the offences are restricted to “lascivious” and equivalent type of content normally recognized as “Obscene”. The content which was the subject of contention in the Palghar incident, the Karti Chidambaram incident, the Air India Employees incident, the Aseem Trivedi Incident or the Mahopatra Incident were not covered under Section 67 and hence would not be coming under ITA 2000/8.

Thus the fact that Delhi High Court did not go into the merits of the case in the E2 Labs case, resulted in a corrupted interpretation of Section 66A as a plausible weapon for “Blocking of websites”.

In that incident at least the remedy sought and granted was only “blocking” and hence the damage was restricted to an “Internet Censorship” issue. But if the “Blocking” was legally feasible under Section 66A, the arrest of the owner of the Zone-H.org would have also been feasible.

In the current set of cases under Section 66A the complainants have not been satisfied with the removal of the objectionable content but are demanding the arrests of persons involved. The Police are obliging such requests from influential persons and have rendered a certain notoriety to Section 66A which was not at all intended in the first place.

Section 66A was meant to address offences such as Cyber Extortion,Cyber Bullying/Cyber Stalking and Phishing and these objectives have been forgotten under the current spate of litigations making it the prime Cyber defamation defense.

This is a “Corruption of Legal Interpretation” which needs to be corrected when the honourable Supreme Court considers the “Constitutional Validity of Section 66A”.

It is possible that the Court may consider that Section 66A is not constitutionally invalid since it was not meant to address defamation and cannot be used for either internet censorship or arrests in the manner in which it has been used in the recent cases. There is a reasonable possibility that It may say that all the current adverse impact held out against the section is only a result of mis-interpretation and the law as it stands is not to be blamed.

In such an event, it is necessary to understand that what rendered the section prima-facie anti constitutional requiring a judicial reference was the mis-interpretation by Police and others.

This threat may continue even in the future unless appropriate strictures are passed against such mis interpretation and a “Due Process” is defined for arrest of persons on the basis of reputational damage claimed by private persons.

We hope and look forward that suitable elaborate discussion and ruling will come forth during the debate on the constitutionality of Section 66A.

Related Judgement
Current Status Pending

Posted in Cyber Crime, Cyber Law | Tagged , | Leave a comment

Mobile Crimes to be the focus in 2013

Posted on December 18, 2012 by Vijayashankar Na

Symantec has predicted that in 2013, Cyber Crimes in India is likely to grow in the Mobile segment. It is estimated that there are around 137 million Internet Users in India and nearly 70% of them use mobile to access Internet. Simultaneously the Social Media user base also is said to have increased from 38 million to 60 million in 2012. These two aspects are predicted to attract Cyber Criminals to target these segments. Details

Mobile users need to be extremely careful while using their smart phones for critical internet applications such as Banking. It would be better not to use mobiles for Internet Banking since Indian Banks are not responsible enough to secure their internet banking platform and there is little legal support to customers. Also it is necessary to fortify the smartphone with an anti virus for whatever it is worth and be selective in downloading apps to mitigate the malware risks.

Posted in Cyber Crime | Tagged , , , | Leave a comment

What Has Happenned to the Zone-H.org Case?

Posted on December 16, 2012 by Vijayashankar Na

Presently lot of discussions are happening in India on “Free Speech” and “Internet Censorship”. In this context I would like the community to be reminded of the case of Zone-H.org which was blocked in India following a defamation case filed under Section 66A by a Hyderabad company called E2 Labs.

The Government of India has been defending its decision to block Zone-H.org behind a decision of the Delhi High Court.

It was a fact that the complaint was filed with a request for an interim order to block the site which was granted in good faith by the Court until the case could be heard in detail. However the system was managed in such a manner that the respondent living abroad received an e-mail notice to appear in the Court with a notice of less than 24 hours. Obviously this was not possible and also that the respondent did not feel necessary to spend his money and time to respond. In the process the interim order remained unchallenged and became permanent. ( The developments have been summarised by Zone-H.org in this article)

During the discussions Naavi.org had brought to the notice of the Government of India that there was a prima facie need for the CERT IN to implede in the case and put across its point of view to the Court since there was an apparent accusation that the petitioner had committed some offences including the misuse of Government department’s name for promotion and fund raising as well as that there was a hacking of Government websites to create grounds for the petitioner to canvass business. These were serious charges which any sensible Government would have pursued. But the Government decided to ignore these charges and indirectly assisted the complainant in getting the Zone-H.org site blocked. Had these facts/accusations been brought to the attention of the Court, it is possible that the Court would not have given the interim order in favour of the petitioner.

Now that a new PIL has come before the Supreme Court in which the Constitutional Validity of Section 66A of ITA 2008 is being questioned, the Zone-H.org case will come for an automatic review.

The Zone-H.org case was perhaps the first case in which Section 66A was invoked for “Defamation” and hence the current PIL and this case are related. Since the respondent (Zone-H.org) is unlikely to raise this issue, it is unclear how the issue can come before the Court now unless the Supreme Court takes a Suo-Moto decision to consider that Zone-H.org blocking case is relevant to the current set of cases such as Aseem Trivedi etc and provide its considered view.

Posted in Cyber Law | Tagged , , , , , | Leave a comment