How to Counter Rogue Sites
This article first published in December 2000 at www.naavi.org is reposted here in the context of Mr Sibal's new move.
Recently there has been reports of a spate of Rogue Web sites carrying "Anti Indian" messages, the latest being the one from the Tamil Nationalist group interlinked with the Islamic fundamentalists.
It is certainly alarming for the E-Governance of the Country that such sites should come up to disturb the peaceful fabric of the country or a part of it. However it would be interesting to see how the Government reacts to this challenge. This is not the first time that such a web site has come up in India or elsewhere and neither it will be the last time. The Government will have to therefore take a policy decision on how to handle such sites.
The Information Technology Act 2000 (ITA-2000) has empowered the Controller some powers in this regard.
Section 69 of the Act, states as follows:
69 (1): If the controller is satisfied that it is necessary and expedient so to do in the interest of the soverignity or integrity of India, the security of the state, friendly relations with foreign states or public order or for preventing incitement to the commission of any cognizable offence, for reasons to be recorded in writing, by order, direct any agency of the Government to intercept any information transmitted through the computer resource.
(2) The subscriber or any person in charge of the Computer resource shall, when called upon by any agency which has been directed under subsection (1), extend all facilities and technical assistance to decrypt the information.
(3) The subscriber or any person who fails to assist the agency referred to in the sub section (2) shall be punished with imprisonment for a term which may extend to seven years.
Read with section 75 which extends the provisions of the ITA-2000 to persons outside India, the Controller will be in a position to take appropriate action under the Act to punish the owners of the site, the ISP that hosts the site and the content providers. He can conduct an enquiry with or without the assistance of an Adjudicating officer, pronounce his verdict (Using the quasi judicial powers vested in him through the section 69) and request the enforcement authorities to take action invoking International Public law. Of course such action should be completed within a few days to be of any effect in the Cyber World.
One other easy option for the Indian Government is to block the site from being viewed from within India as they have done in the case of some of the Pakistani newspaper sites.
However, blocking of a site may not be the correct solution since surfers may still access such sites through anonymizer services. Then the Government may have to block these services as well. More over, "Blocking " is a negative way of regulation and only helps in distancing the Government from understanding the ground realities. It is a part of history now that Mrs Indira Gandhi sufferred because of the Press Censorship during Emergency which gave her a wrong impression about the real situation in the Country. The Censorship by blocking those who access Internet with Indian ISP s will create a situation where the sites will continue to build up international viewpoint against the country with no counter point being served.
I therefore suggest for consideration the following model for handling "Objectionable Sites".
1. Sites which are said to contain "Politically Objectionable material" are reviewed by a virtual committee of experts and voted for or against being declared "Objectionable for Viewing by the Indian Government".
2. Based on such a verdict delivered through digitally signed e-mail confirmations from the virtual committee members, the Controller can issue a notice to ISP s in India to do the following.
3.Whenever a request for an objectionable site is received from a surfer, an "Objection Notice" to the following effect is displayed in a pop up box.
" The site requested by you contains information considered "Objectionable" by the Government of the Republic of India vide GO No xxx of xx.xx.xx. The reasons for objection can be found here. (Hyper linked Document) A List of sites presenting a counter view point can be found here (Hyper link to list of "Counter view point sites")
4. You can click here to enter the site. (Hyperlink to "continue")
The moment a site is declared "objectionable", the Government should notify the same on the internet and invite the public to register their site or Pages containing counter view points. These can be reviewed and if found suitable, added to the list of "Counter View Point Sites".
This strategy will enable the Government to use the public resources to produce content which will neutralise the objectionable material. If these sites do an equally good job, all the persons who are targetted to be influenced by the "Objectionable site" may actually be converted to the counter view point. Imagine some body like Mr Arun Shourie commenting on Kashmir problem. The owners of the "Objectionable sites" would think twice about inviting their audience to see his reasoned views on many of the contentious issues in the market.
Once a system is established for the purpose, the Indian Government can take up a request to other friendly Governments to bring an International treaty on mandating such services through the ISP s of their countries. India can take international lead in setting up a new treaty for " International Cooperation in Cyber Space Governance".
Naavi
December 8, 2000
Related Story in Indian Express
Kapil Sibal, Impractical, Undesirable and Unnecessary
Mr Kapil Sibal first stated that he wanted Facebook, Google and other Social Networking sites to introduce "Human controlled pre-screening of content" before they are posted.
He cited that there are many anti national postings which could stir up communal passions etc. Many however believed that he was agitated because of some cartoons of Sonia Gandhi published some where which were perhaps defamatory.
While I fully agree that any defamation is undesirable, political leaders need to be little more thick skinned than others and tolerate some criticism in public. Otherwise they cannot be enjoying the benefits of public office.
Having said this, we also need to accept that current laws in India in terms of ITA 2008 with rules on "Due Dilgence" for intermediaries under Section 79 of the Act clearly specify that any person who is aggrieved can initiate legal action as well as a request for removal of objectionable content.
No body can use this better than a politically connected Ms Sonia Gandhi or Kapil Sibal. Specific objectionable content can therefore be effectively removed easily and this is being done often.
What Mr Sibal is now proposing in the form of pre-screening that too by a human is utter nonsense. In fact it is an irresponsible statement as it has the potential for being wrongly projected at some point of time in future in a Court of Law as "Expected Due Diligence". Hence it is necessary that the idea has to be opposed and the opposition is recognized by a Court through some PIL and be declared as "Impractical" and "Undesirable" as well as "unnecessary".
No body thinks that Mr Sibal is not aware of the impracticality of his demand. According to some reports he has retracted on this statement and wants only a discussion on how regulation can be done. He has however indicated that a new set of rules may be announced by his ministry in this regard.
We need to appraise this enthusiasm of Mr Sibal in the background of several months of paralysis that Mr Sibal's ministry is being afflicted with due to the 2G scam.
I have personally tried all tricks to wake up DIT to the pressing need of appointing a new Chair Person for Cyber Appellate Tribunal which is pending for last 6 months. But the department remains eloquently silent. I understand that the file is pending at the level of Mr Sibal.
When such pressing requirements are being ignored it surprises everyone why an intelligent person like Mr Sibal should rake up a controversy which projects himself as an idiot. There has to be a reason behind this apparently illogical act.
The secret behind this latest onslaught on "Freedom of Speech" on Internet was revealed by the fact that one of the first to jump to Mr Sibal's support was Mr Digvijay Singh. This betrayed the connection between the move of the Government and the upcoming Anna Hazare campaign.
The whole world knows that Anna Hazare team made use of social networking sites extensively during their last campaign. The power of this media in raising public opinion has been seen in the recent incidents in Egypt and other places. Mr Sibal has rightly recognized this as a real threat to the UPA Government in the coming days and hence there is an urgent need to bring the Social Networking Sites into a compliance mood.
The fact that Mr Sibal is bluffing when he talks of national interest behind this move is evident when we look at the information published by Google on the number of requests received by them last year for blocking of content.
According to a recent report published in Hindu, during the first half of 2011, Indian Government sought to remove 255 items classified as "Government Criticism" from Google content. Additionally 39 items were sought to be removed on grounds of defamation, 20 due to privacy and security concerns, 14 due to impersonation, three pornographic items and one due to national security reasons.
This shows that there was only one case of "National Interest" against 255 cases of "Political interests". ..so much for Mr Sibal's concern for National Security.
Now let's come to the genuine requirements of content control as per law and fairness. The fact that Internet media can be misused to spread rumors and cause social disturbance besides "Defamation" is accepted. Yes, there has to be a mechanism to curb this.
According to Section 79 of ITA 2008 and the rules notified in April 2011, when an intermediary receives a complaint about objectionable content, they need to act within 36 hours to take necessary action. This does not mean that the content has to be removed within 36 hours. What is required is that within 36 hours the intermediary needs to start a process of enquiry leading to contacting the person responsible for the content to show cause why the content has to be removed. Subject to receiving his response and being evaluated by a suitable internal dispute resolution mechanism, the content can then be removed if required.
When content needs to be removed, there is no reason for the entire website being blocked or entire article to be blocked.
It should be fair and sufficient if
a) A rejoinder is published with the counter view
b) Where found absolutely necessary, blocking of the specific words or sentences that are objectionable.
This solution was suggested by Naavi way back in 2001 when the Dalitstan.org controversy was raging. (Refer : How to Control Rogue Sites:- http://www.naavi.org/cl_editorial/edit_8dec00_1.htm )
I hope that ISPs will present this view to Mr Sibal when they meet him next
Naavi
Case filed to declare Aadhar as illegal
Nov27: A case has been filed in Bangalore to declare
Aadhar as "Illegal".Plaintiffs have cited various reasons including security,
procedures, contract related issues as well as privacy violation. etc.
Copy of the plaint
Estimate of Phishing Cases in India
Nov26: According to an answer provided by Minister Sachin Pilot in Parliament, 508 and 386 phishing cases was reported to CERT-In in the year 2010 and during January-October 2011 respectively. ..Report : TOI report
NCRB Statistics on Cyber Crimes
Nov 24: NCRB has now released the crime statistics for 2010 as in the previous years. According to information released, a total of 966 cases have been registered across the country under Section 65, 66 and 67 of ITA 2008. Additionally 14 cases are registered under Sections 72,73,74 related to digital signatures, 3 cases have been booked under Section 70, 15 cases under Section 72. ..Details
Yahoo Challenges GOI order
Nov 27: Yahoo has challenged the order of GOI imposing a fine of Rs 11 lakhs for refusing to part with some information demanded by the Government. The details sought for was regarding the e-mails sent claiming responsibility for the Delhi High Court blast. While Yahoo has raised a defense that it is duty bound to protect "Privacy", it is on a slippery ground as it is trying to protect the privacy of persons who are either mischievous and trying to mislead a terror investigation or preventing the culprits being identified in time. While the procedure used by GOI may be debated, it is unclear why the Government pursued the financial penalty route rather than prosecuting Yahoo on criminal charges. Yahoo should be happy that it has not happened as yet. Report in TOI
When you face an Internet Banking Fraud..in India
Nov 18: Internet banking frauds are common place particularly in India. I often receive requests for guidance on this matter from victims from different parts of India not knowing what to do. I am therefore placing these brief instructions for public information. What is stated here is my considered opinion (not to be construed as legal advice) as an Ex-Banker and a person involved in such litigations and is based on the guidelines contained in various RBI guidelines and Information technology act 2000....More
Facebook and ITA 2008-Need for Practicing Due Dilgence
Nov 18: Facebook has been under the center of a controversy in India for "Non Compliance of ITA 2008". It is reported that due to a security failure several thousands of Facebook users received a spam content which was then used to compromise the respective accounts of the user. Consequently links were reportedly posted which introduced a "Trojan" . It is reported further that the trojan stole some photographs posted on the facebook profile, morphed it into pornographic pictures. (See this TOI report). Facebook is considered an "Intermediary" under Indian law and is expected to follow "Due Diligence" as per the provisions of the Act. Failure to follow due diligence could make Facebook liable for any offence committed by the users making use of the Facebook platform. ..
...Additionally Facebook type of service providers which includes all the social networking sites need to put in place an appropriate dispute resolution mechanism on the lines of ICANNs UDRP process or some thing better.... More
Chennai Banks Forced to pay
Nov 18: After the Chennai Police unearthed a major credit card scam, it is reported that Banks have started reimbursing the losses to the customers on the basis of FIRs lodged. Canara Bank and ICICI Banks are reported to have repaid Rs 8 lakhs against 15 complaints so far. A total of 247 complaints have been filed with the Police in this connection. The total loss is estimated to be Rs 1.5 crores. Of the 247 instances, 92 cases are from Canara Bank. The credit for this change of heart by Banks may perhaps belong to the Chennai police for persuading Banks to accept liability since it is a common knowledge that Banks often resist the customer's demands in such cases. Report in Hindu
Bank of India and Police in Bangalore needs to take note of this development with reference to the complaint filed by Mr S Nagaraja regarding fraudulent withdrawal through ATMs. It must be reiterated that in this case the Banking Ombudsman in Bangalore Mr S Palanisamy failed to provide justice to the victim and Deputy Governor of RBI also failed to intervene. In this case also Canara Bank was involved indirectly since the money was withdrawn through Canara Bank ATM which did not have CCTV installed. Bank of India took the unfair stand to which Mr Palanisamy agreed that since the ATM has recorded that "Transaction was successful", it is the responsibility of the customer to provide evidence that he did not draw the money himself. The lack of CCTV facility was conveniently used by the banks to avoid their liability and the banking Ombudsman did not find any fault with the Bank.
Naavi.org is still looking for clarification from Dr Chakravarthy, Deputy Governor RBI in this regard.
Earlier articles: Innocent Bank Customer Suffers of ATM Card Cloning Fraud : Banking Ombudsman Scheme Set to Fail (Part 1) : The BO order : Bank of India Vs ATM Customers
Are Vested Interests at Work to manipulate RBI ?
Jan 24: The GGWG was an exercise at revising the 10 year old report of the SR Mittal Group which first addressed the requirements of the Internet Banking Era. Compared to the task which was ahead of the Mittal Group, GGWG was in a far more advantageous position since there was a decade old experience on both technology as well as the legal aspects of Technology Banking. ..
Not withstanding some good work reflected in the GGWG, it appears that the GGWG could have done far better than what it has done. This is more glaring in the chapters on Cyber Fraud and Legal Issues... More : Related Article in Techgoss
Phishing Risks under G Gopalakrishna Working Group Report
Jan 22: The GGWG has made the following comment on Phishing Risks in its report
"Of late there have been many instances of 'phishing' in the banking industry, posing a major threat to customers availing internet banking facilities. Though Section 66D of the amended IT Act could broadly be said to cover the offence of phishing, the attempt to commit the act of phishing is not made punishable. It is suggested that there is a need to specifically provide for punishment for an attempt to phish as well, in order to deter persons from attempting it"
I would however like to bring it to the notice of the observers that this has been addressed in ITA 2008. Additionally, ITA 2008 makes Phishing liable for punishment under several sections other than 66D. These observations are relevant to an analysis of Phishing cases in future... More
Role of Adjudicators in Phishing Cases Reiterated
Jan 22: One of the important observations made y the G Gopalakrishna Working Group in Electronic Banking is as follows.
"The IT Act, 2000 as amended, exposes the banks to both civil and criminal liability. The civil liability could consist of exposure to pay damages by way of compensation upto Rs 5crore under the amended Information Technology Act before the Adjudicating Officer and beyond Rs 5 crore in a court of competent jurisdiction. The top management of banks could also suffer exposure to criminal liability given the provisions of Chapter XI of the amended Information Technology Act and the exposure to criminal liability could consist of imprisonment for a term which would extend from three years to life imprisonment, as also a fine. Further, various computer related offences are enumerated under various provisions of the Act. "
The fact that the Umashankar Case has been vetted for Jurisdiction purpose both at the Adjudicator's level as well as the Cyber Appellate Tribunal Level is also another indication that the matter of jurisdiction in respect of such cases is a settled fact in law.
Since some IT Secretaries are not clear whether they can entertain adjudication applications there is a need for Cyber Appellate Tribunal and the Ministry of Communications and Information Technology , GOI to start a dialogue with the State Governments to find a proper mechanism by which the IT Secretaries are provided with infrastructure, guidance and manpower support to handle this additional responsibilities. ..More
RBI Working Group in Electronic Banking
January22: RBI released the report of the Working Group headed by G.Gopalakrishna on Information Security in Banks. After the June 14, 2001 instructions on Internet Banking based on the then working group report headed by S.R.Mittal, this report is another game changer in the Banking industry. Naavi has been in the forefront of fighting for better Information Security systems in Banks and the last year's landmark decision of the TN Adjudicator was a critical development which prompted Banks to sit up and take notice of their responsibilities. Now Banks have a more recent guideline to follow in respect of the security requirements. Watch out for more information in the impact of the Gopalakrishna report on the information security issues in Banks. Press Release: Summary of Report: Full Report :
Phishing Victims.. Sample Letter
Feb3: In continuation of the previous article, here is a sample letter which I recommend Phishing victims to send to RBI as a comment on the G Gopalakrishna Working Group. This may be downloaded signed and sent to the address mentioned there in or e-mailed as indicated. You can use your letterhead and add any other comments you may like to add. Word Fomat
RBI Seeks Comments from Public on G Gopalakrishna Working Group (GGWG) report
Feb 2: Naavi.org has already carried a few articles on the GGWG report. Now RBI has sought public comments before February 14 from stake holders. Stake holders include Bank customers and particularly those who have suffered on account of Phishing. I request all Phishing victims to immediately send their comments. Naavi.org would provide the necessary guidance if required. The comment can be sent by e-mail also. Please see here for details.
ITA-2000 Amendment Bill Introduced..15/12/06..2000
The much awaited ITA-2000 amendment bill specially designed to protect Intermediaries such as baazee.com has been introduced in the Indian Parliament.
Naavi
http://www.naavi.org
Is India Becoming a Criminal Friendly Country?
The extraordinary interest shown by writers like Ms Arundati Roy to save Afzal Guru (Convicted with death penalty for terrorist activity involving an attack on Indian Parliament) raises a doubt if India has become a Criminal Friendly country. How can a group of novelists proclaim that evidence against Afzal Guru is not good enough for legal scrutiny when a court has already examined the same and come to the conclusion that it is good enough for a death sentence? unless these intellectuals respected for their respective achievements in different fields are under the influence of terrorists themselves. ..Or are they responding to threats?. The intellectuals should realize that they are pledging their reputation for a cause which is meant to weaken the country. From the days of independence, it appears that Indians are slowly drifting to a culture of 'Freedom for Criminals' even at the cost of danger to our free existence. Under these circumstances, it is no surprise that when the criminal friendly amendments to ITA-2000 become law, there would be a wide support from intellectuals of all description for "progressive thinking".
Even the Supreme Court in its recent decision has shifted its responsibility to Press Council on publishing of "Obscene" content in print . This can clearly be interpreted as a "License to Publish Obscene content" in print and will soon be quoted in support of "Orkut" and other similar sites who thrive on obscenity.
Politicians have anyway already expressed their views and shown a clear support for all kinds of domestic and international criminals and do not hesitate to make them the ministers.
There appears to be a pattern developing in the Indian society that is becoming more tolerant towards crime and even terrorists. Sociologists need to analyse the long term impact of these early indicators.
Naavi.org expresses its grief and concern over this tendency to make India a law less country. Perhaps Naavi.org is amongst the minority group which is still under the influence of what once was a pride..nationalism and patriotism. Your comments on this "Changing Profile of Indians towards Criminal Friendliness" is welcome.
Naavi
http://www.naavi.org
Trend Micro Predicts Cyber Wars in 2007
Trend Micro, one of the leading IT security companies predict an increase in cyber wars in 2007. They also predict that the Social Networking sites such as Orkut and Myspace would be used for gathering more information for focussed attacks on people. Netizens should therefore be wary of posting their profiles in the Social Networking sites. Use of Internet based telephone calls for committing frauds is also predicted.(121206/2000)
Naavi
http://www.naavi.org
Orkut Blocking Investigations
An issue had been raised yesterday "Is Orkut a Rogue Site?". A further corroboration towards this conclusion is presented with the reported attitude of Orkut to investigator's enquiries. It is stated that it would take up to one year to get IP address information from Orkut, obviously, more than sufficient for criminals to go scot free. It is time that Orkut is made to respect Indian laws or shut itself out of the Indian market. India does not need a virtual monster which could be a haven for criminals...(121206/1200)
Naavi
http://www.naavi.org
Orkut needs to be banned
If there is one project which has seriously gone wrong on the Indian Cyber Space, it is Orkut. Every day one controversy or the other appears to be surfacing. After the Indian Flag burning, Defamation of Shivaji, Buddadev Bhattacharya's profiling, it is now the controversy regarding the use of the site to profile Mumbai Underworld dons. An incident has also been brought to our notice by a lady that her picture has been used on a profile which carries on indecent conversations. In all these cases, the management of Orkut has shown no inclination to act to curtail the activity.
It also appears that many of the pages of Orkut commuinities, host pages with malicious codes. Terrorists and criminals appear to have been using the site for promoting their nefarious activities. From all these developments that has been observed so far, it appears that Orkut itself has become a rogue site and is promoting a new culture of "Virtual Underworld". A serious question has to be therefore asked if Orkut can serve any useful purpose to the community and deserves to be blocked by law.
If Orkut does not respond positively to clean up its site, it deserves to be banned immediately. At least this would be a lesson for other operators not to indulge in such unethical practices to make money at the cost of the community. We therefore support strong action by Mumbai Police to shut down Orkut with immediate effect.
Naavi
http://www.naavi.org
Nepal Passes Cyber Law
Nepal has passed Electronic Transactions Act 2006 to provide a legal regime for electronic commerce in Nepal. The Act replaces the ordinance of 2005
Naavi
http://www.naavi.org
Trends in Cyber Security
IBM X Force has predicted the following trends in the Cyber Security situation in 2007
• “Spear phishing” (targeted attacks on online consumers) will evolve beyond simply targeting online banking users, aiming at several other sources including pension sites, investment portfolios and healthcare benefit sites. The next generation of these types of ID theft malware will continue to get smarter and build user profiles for hacked accounts in an attempt to automatically log in to multiple sites with the same stolen credentials.
• Enterprises will start to see that multi-factor authentication is cumbersome and ineffective against threats that are present before and during secure transactions to online banking, and will take an active role in securing employee Web transactions.
• With the growth of behavioural engines, desktop antivirus engines will no longer be categorised as standalone devices, but rather as part of a larger complementary security system.
• The frequency of exploits through Web browsers will increase, driven by commercial malware distributors such as SpyWare.
TRAI Promotes Carbon Credit
In a bid to promote use of environment friendly energy sources by Telcom Companies, TRAI has propsoed to offer a better revenue sharing arrangement and Carbon Credit benefit. This is a significant development as it draws the Carbon Credit system close to ICT industry. Soon this could be a matter of interest to all IT Companies too. It may be recalled that Naavi through Digital Society Foundation has been trying to establish a Carbon Credit Link with farmers in an attempt to bring the benefits of the Digital Society to the rural community. However sufficient response in this direction has not yet been received from other stake holders and the measures announced by TRAI may develop more interest in Carbon Credit system by the ICT industry.TRAI proposes `carbon credits' for telcos .
Naavi
http://www.naavi.org
Chennai Police Express Helplessness
The accompanying report suggests that Chennai Police has expressed helplessness in preventing hosting of pornographic websites with content produced in Chennai on an industrial scale. Unfortunately, it is not the legal support that is lacking to prevent such anti social activities but a lack of determination and will to take action. If appropriate action is not taken on the ground that there is little local impact of the crime, there will be a day when another Dr Prakash will emerge, threatening resepctable women in Chennai into acting in digital blue movies. From the big screen, sleaze shifts online.
Naavi
http://www.naavi.org
Blogging without Problems
Blogs have become very popular in the Internet and it is estimated that there are more than 60 million blogs in Cyber Space making it as big as the website space. However, often websites are maintained with a little more caution while blogs are maintained casually leading to legal problems. This article in ET explores the Blog space and Naavi's tips to be a responsible blogger. Speak Softly..ET Related article in Naavi.org Article at University of Michigan
Naavi
http://www.naavi.org
ITA-2000 Amendments.. Some Changes Expected
The incessant campaign of Naavi.org on the proposed amendments to ITA-2000 might have had some impact on the Government. It is understood that the Government is making some changes from the original draft. However to what extent the Government is willing to retrace its steps curbing the egos involved will be known only when the full draft of the revised amendments is made public. Let's wait and watch.
Naavi
http://www.naavi.org
Life Imprisonment for Pornography publisher in China
It is reported that a person has been convicted for life imprisonment in China for maintaining a pornography website. It is interesting to note that India at the same time is considering diluting the provisions of Section 67 of ITA-2000 by reducing the imprisonment term from 5 years to 2 years and exempting Intermediaries except when he has received the actual knowledge or has conspired or abetted in the crime.
Naavi
http://www.naavi.org
Employee Sells Domain Name Ownership Fraudulently
An employee of a web service company in Ahmedabad is reported to have sold ownership of five websites to a French national by misusing the administrative rights associated with the domain name registration. The accused appears to have tried to extort money from the genuine owners. The websites involved in the fraud were ahmedabad.com, talash.com, talashinfosoft.com, evyapar.com, and allindiagift.com...
Naavi
http://www.naavi.org
ISP Service Comes under Consumer Rights Scanner
In a landmark judgment in a consumer forum in Delhi, the broad band service of Sify has been held as a "Service" for the purpose of Consumer Protection Act and compensation has been ordered for deficiency of service.
Naavi
http://www.naavi.org
Another Landmark Judgment in USA on "Digital News Publication"
In a case (Barrett v. Rosenthal ) under Communication Decency Act, The Supreme court in California has held that "Re-posting of defamatory information" cannot be sued. The implications of some of the interpretations drawn under this case could be far reaching. This reflects on the liability of an intermediary for publishing of information which could amount to defamation. But since the instant case arose out of a posting in a news group, it may actually affect interpretation of liability in case of news group and blog postings. It is however necessary to observe that the judge did make a reference that the case should be seen in the context of Section 230 of the Communication Decency Act and concluded that "Any further expansion of liability must await Congressional action".
Naavi
http://www.naavi.org
ITA-2000 shakes up Chartered Accountant Aspirants
The students who took up this year's CA examination were reportedly rattled by the paper which contained 25 marks of questions on Information Technology Act 2000. While one can sympathize with the students who had apparently skipped the chapter and therefore have spoiled their chances of success in the examination, we do appreciate the fact that the examiners gave the right weightage to ITA-2000 that deserved in a CA examination. With all accounting having been computerized, digital signatures having been made mandatory for submission of certain returns, audits being conducted under the Computerized environment, it is inevitable that the study of ITA-2000 was essential for a CA and the examiners have brought in the focus which was required
Naavi
http://www.naavi.org
Pune Police Take action against Orkut
After the Indian flag burning and Buddhadev's impersonation, it was Shivaji bashing which finally has caught up with Orkut. It has been reported that a derogatory remark was posted in a community with about 100 members on October 29th. A complaint was lodged by National Students Union of India workers and Pune Police are investigating. It is further reported that a case has been booked under Section 67 of ITA-2000 and Sections 292 and 295 of IPC. Police have also tried to shut down Cyber Cafes where people were found surfing the site according to a news paper report.
Naavi
http://www.naavi.org
Mobiles To Be Jammed near Prisons
Haryana police have issued instructions to mobile operators to install signal jammers in the Prisons to prevent use of mobiles by prisoners. While the intention is good, mobile operators are questioning the need for jamming since they claim that the jammers may immobilize mobiles in the surrounding areas too. They claim that it is lot easier to control the physical movement of mobiles into the prison rather than using jamming devices. While there is truth in their claim also, it is difficult to believe that either it is impossible to localize jamming or to install a monitoring device instead of jamming so that if the prison area cannot be isolated for jamming at least the Police can monitor all calls in the zone as an intelligent measure. Hopefully a mutually acceptable solution will be found so that prisoners do not continue to do their criminal business sitting inside the prisons.
Naavi
http://www.naavi.org
Phishing Attack on SBI Customers
A phishing attack has been noticed on the customers of State Bank of India. It is reported that the cloned website has since been blocked. As is common in such attacks, the customers of the Bank were sent an e-mail inviting them to visit the website and enter their log in IDs and passwords. The enclosed report suggests that Cert-In has observed phishing attempts on other Indian Banks but is keeping the information under wraps. SBI has also not placed any alerts on its website.
The suppression of information from the customers is not conducive to educating of the customers and could be a cause for more customers falling prey. Naavi.org urges that both CERT-In and SBI should take steps to keep the potential victims informed so that they can exercise caution.
Naavi
http://www.naavi.org
Two Day Orientation Programme in Hubli for Police
Cyber Law College and G K Law College, Hubli conducted a two day orientation programme in Hubli for Police Officers on Cyber Crimes.
Naavi
http://www.naavi.org
Separate Law For Credit Card Frauds?
It is reported that Indian Payment Card Risk Council (IPCRC) an association of 16 prominent banks issuing credit cards in the country have pressed for separate separate ‘Card Crime Legislation’. Report in HT.
It is necessary however to debate whether any new law is in fact required since the IPC and ITA-2000 already have enough provision for every kind of frauds involving Credit card. It must be recognized that the Credit Card is an "Electronic Document" and "Card Data" is "Information Residing Inside a Computer". Creating fake cards, making changes in information on the card or on the data base amounts to Section 66 offence under ITA-2000. Fraud itself is covered under IPC. Online misuse of card is also covered under Section 43 of ITA-2000. Additionally, frauds such as Lebanese loop or skimming in which credit cards are involved are also covered under Sections 66 and Section 43 of ITA-2000 (Unless they are changed through amendments)
Before a new law is passed IPCRC must explore if there are any specific problems that are not addressed by the present laws.
Naavi
http://www.naavi.org
Virtual Adultery.. a problem of the times
This article in TOI indicates a growing tendency of the current generation to lead a virtual life different from the physical life and do things which they are constrained not to do because of the norms of the society. No where this crossing of boundaries more evident than in the relationship with the opposite sex. While Cyber Sociologists have to take up this issue for further study, it would be of interest if courts start admitting "Virtual Adultery" as reasons for marital divorce. If "Virtual Property" can be a point of dispute, it is obvious that "Virtual adultery" can also be a point of marital dispute.
Naavi
Vijayashankar
www.naavi.org
CBI to Investigate "Morphing" allegation
CBI has started an interesting investigation on alleged morphing of a photograph published in a book. While the use of the country's highest investigating agency for a case of low priority indicates a political hand behind the order, the investigation is likely to be academically interesting.
From the reports the brief appears to be not only to confirm morphing of the photo but also to prove that Mrs Najma Hepthulla, a political rival of the ruling Congress Party had any hand in it. Since the end objective of the investigation appears to be to establish the role of Mrs Hepthulla, like the infamous Justice Bannerjee Committee which came to the conclusion that the Godhra train was burnt by the Karsevaks themselves, CBI may be able to find the conclusive finger print of Mrs Hepthulla in the morphed picture. If so, it will in deed be a remarkable investigation !. If CBI is unable to prove the link of Mrs Hepthulla to the morphing, it would be one great waste of public resource for political vendetta.
Does CBI has the forensic capability to identify "morphing" and "finger print of the user"?.. only time will tell.
Naavi
Vijayashankar
www.naavi.org
When Virtual Reality Hurts
India is a land where Shankara's Advaita philosophy was born. One of the main elements of this philosophy is that the world is "Maya".. "non existent in reality but experienced in imagination". The philosophy says that we experience pains and pleasures through imagination/hallucination. We do get a vindication of this theory in dreams and when we look at persons whom we consider "mad", who live in their own hallucinations all through the day.
Now, "Virtual Reality" is trying to create yet another avenue for people to experience what they imagine to be true. This explains why a game participant went to court claiming that his "Virtual Property" has been illegally confiscated by the "Virtual Government" (Refer "Learn to Unlearn", the first principle of "Cyber Jurisprudence). The creation of websites such as Hell.com to give the experience of how the experience at hell could be, (For a price) is a pointer in that direction. Many of the games which promote killing, violence and other aspects of life which is considered wrong is also an indicator of this mindset.
Where does this tendency lead to?.. is an interesting subject to explore.
Naavi
Vijayashankar
www.naavi.org
Is Computer Virus a Work of Art?
Certain developments in the digital society highlight the different sociological standards that seems to prevail in the Digital Society. When we discuss Cyber Crimes and the behavioural aspects of Netizens, Naavi.org has been discussing a concept of "Technology Intoxication". When some technology wizards claim "Virus" as work of art, (Refer http://0100101110101101.org/projects.html ) a further doubt arises whether we are dealing with "Technology Intoxication" (which is a temporary state of mind) or "Technology induced derangement of mind" (permanent state of mind). How do we prevent our young generations degenerating into such state of mind? How do we rehabilitate some body from that state of mind?.. are some of the issues that "Cyber Behaviour Scientists" will have to discuss in future.
Naavi
Vijayashankar
www.naavi.org
Social Networking Websites to be barred from US Schools?
In what is termed as an attempt to protect Children from the ill effects of the Internet, US is getting ready to pass a law titled "Deleting Online Predators Act" (DOPA). The effect of the act is to bar certain websites from being accessed from Schools and Public Libraries receiving Government funding. The sites which would be affected would be those sites which are allowing building of online communities and exchanging personal profiles. In particular web content including "commercial Web sites that let users create Web pages or profiles or offer communication with other users via forums, chat rooms, e-mail or instant messaging." would be the target of the legislation. ..More
naavi
Vijayashankar
http://www.naavi.org
Indian Pseudo Cyber Security Activists..all set to play a fraud on the society
Two new legislations being contemplated in USA indicate the raise of new thoughts in Cyber Space regulations which will in due course contribute to the cumulative knowledge of "Cyber Jurisprudence". The first is the raising demand for "Mandatory Monitoring of ISPs".
While the countries with stringent records of Privacy Protection and Freedom of Speech are reconciling to the fact that in the emerging terror stricken world there is a need for new "Jurisprudence" where "Curbing of some freedom" is essential for protection of democracy, it is strange that in India there is an attempt to provide a better shield to the Intermediaries made possible by the Indian Pseudo Cyber Security Activists who are projecting the amendments as beneficial to the society. It is therefore with pain that we must say that the attempt is a fraud on the Indian society....More
Naavi
http://www.naavi.org
Are Hyderabad Police partners in an illegal activity?
A Times of India Report states that it is common in Hyderabad for people to approach private so called "IT Security" companies to investigate cyber crimes. Not withstanding the success stories narrated in the report, it needs to be recognized that this trend of private investigation is dangerous and equivalent to private "dadagiri".
It is also objectionable that such companies should call themselves "IT Security Companies" or "Ethical Hacking" Companies, since they are actually "Private detective agencies" using the same tools which the criminals use such as password stealing etc.
If the TOI report is true, then these IT Security companies must be having access to the IP addresses of Internet users from the ISPs which is a privacy invasion.
Unless Government of India comes out with a legislation that allows existence of private detectives and empowers them to gather information from the ISPs and to undertake "Hacking for investigation", these activities have to be dubbed as illegal.
While I welcome the views of the e2Labs founder that private sector should assist the Police in Cyber Crime investigation, they have to be careful in not taking law into their own hands. This is precisely what seems to be happening in Hyderabad. It will not be long before some of these ethical hackers or the companies they are engaged in turn into e-extortionists themselves.
I demand that Hyderabad Police take necessary legal action on such companies based on the report. If not, public will only assume that the Police are hand in glove with the private operators and deliberately flunking investigations so that public may use the services of the private operators. Such a situation also makes public to assume that the Police are getting their mamool from these companies for diverting business to them where as in reality it may just be their inability to handle such investigations... TOI Article
naavi
http://www.naavi.org
Are Hyderabad Police, partners in an illegal activity?
A Times of India Report states that it is common in Hyderabad for people to approach private so called "IT Security" companies to investigate cyber crimes. Not withstanding the success stories narrated in the report, it needs to be recognized that this trend of private investigation is dangerous and equivalent to private "dadagiri".
It is also objectionable that such companies should call themselves "IT Security Companies" or "Ethical Hacking" Companies, since they are actually "Private detective agencies" using the same tools which the criminals use such as password stealing etc.
If the TOI report is true, then these IT Security companies must be having access to the IP addresses of Internet users from the ISPs which is a privacy invasion.
Unless Government of India comes out with a legislation that allows existence of private detectives and empowers them to gather information from the ISPs and to undertake "Hacking for investigation", these activities have to be dubbed as illegal.
While I welcome the views of the e2Labs founder that private sector should assist the Police in Cyber Crime investigation, they have to be careful in not taking law into their own hands. This is precisely what seems to be happening in Hyderabad. It will not be long before some of these ethical hackers or the companies they are engaged in turn into e-extortionists themselves.
I demand that Hyderabad Police take necessary legal action on such companies based on the report. If not, public will only assume that the Police are hand in glove with the private operators and deliberately flunking investigations so that public may use the services of the private operators. Such a situation also makes public to assume that the Police are getting their mamool from these companies for diverting business to them where as in reality it may just be their inability to handle such investigations... TOI Article
Naavi
( vijayashankar )
Are Hyderabad Police, partners in an illegal activity?
A Times of India Report states that it is common in Hyderabad for people to approach private so called "IT Security" companies to investigate cyber crimes. Not withstanding the success stories narrated in the report, it needs to be recognized that this trend of private investigation is dangerous and equivalent to private "dadagiri".
It is also objectionable that such companies should call themselves "IT Security Companies" or "Ethical Hacking" Companies, since they are actually "Private detective agencies" using the same tools which the criminals use such as password stealing etc.
If the TOI report is true, then these IT Security companies must be having access to the IP addresses of Internet users from the ISPs which is a privacy invasion.
Unless Government of India comes out with a legislation that allows existence of private detectives and empowers them to gather information from the ISPs and to undertake "Hacking for investigation", these activities have to be dubbed as illegal.
While I welcome the views of the e2Labs founder that private sector should assist the Police in Cyber Crime investigation, they have to be careful in not taking law into their own hands. This is precisely what seems to be happening in Hyderabad. It will not be long before some of these ethical hackers or the companies they are engaged in turn into e-extortionists themselves.
I demand that Hyderabad Police take necessary legal action on such companies based on the report. If not, public will only assume that the Police are hand in glove with the private operators and deliberately flunking investigations so that public may use the services of the private operators. Such a situation also makes public to assume that the Police are getting their mamool from these companies for diverting business to them where as in reality it may just be their inability to handle such investigations... TOI Article
Naavi
( vijayashankar )
