Perry4Law Leads In Cyber Forensics And Cyber Security Legal Practice Worldwide

When we hear of fields like cyber security and cyber forensics, technology companies come to our mind. As the demands of clients have significantly increased, many non traditional professionals have also started providing services in these areas. One such professional branch is legal fraternity that has started providing services for areas like forensics audit, cyber forensics, cyber security, e-discovery, etc.

In the year 2002, Perry4Law Organisation (P4LO) was established and its segment Perry4Law Law Firm is the first and exclusive techno legal law firm of India. With more than a decade experience, P4LO and Perry4Law Law Firm have catered the needs of national and international clients in various techno legal fields.

Perry4Law has set a trend for cyber forensics and cyber security legal practice worldwide through its domain specific and highly specialised techno legal services. Its research works are frequently cited by scholars at national and international levels. What is more amazing is the establishment of dedicated online resources in the fields of Cyber Law, Cyber Security, Cyber Forensics, E-Discovery, Telecom Laws,  Intellectual Property Rights (IPRs), Corporate Laws, etc.

Praveen Dalal, managing partner of Perry4Law Law Firm and P4LO and leading techno legal expert of Asia, is a strong advocate of Civil Liberties Protection in Cyberspace. He believes that Human Rights Protection in Cyberspace must be Internationally Recognised. He also believes that E-Surveillance Projects of India need Parliamentary Oversight and Judicial Scrutiny.

Dalal is also a strong advocate of cyber and data security.  No Client would be happy if its/his/her confidential and sensitive documents are obtained through cracking/hacking the Law Firm Website or Database, opines Dalal. Perry4Law Law Firm uses the “Best Cyber Security Practices” recommended by International Organisations, informs Dalal.

P4LO has been providing various techno legal trends since 2006. Recently released techno legal trends include cyber forensics trends and developments in India 2014- Part 1, cyber security developments in India 2014 and cyber security trends of India 2015, cyber law developments in India 2014, telecom related developments in India 2014, etc.

With international level of techno legal expertise, P4LO and Perry4Law Law Firm are class apart and world leaders in techno legal services. Other Law Firms of India must also start providing services in techno legal fields if they have the requisite expertise in this regard.

Source: Cyber Security In India.

Global Techno Legal News And Views By Perry4Law Organisation (P4LO)

Merging of technology and law raises interesting techno legal issues that are not easy to handle. There are very few organisations or individuals that can manage techno legal issues in India and world wide. Perry4Law Organisation (P4LO) is one such organisation that handles unique and qualitative techno legal services in fields like cyber law, cyber security, cyber forensics, e-discovery, etc. One such initiative is known as Global Techno Legal News and Views.

Some of the interesting post of the blog are:

(1) Non Mandatory Aadhaar: The matter pertaining to legality and constitutionality of Aadhaar project is pending before the Supreme Court of India. The Central Government has been maintaining that Aadhaar is not mandatory but for all practical purposes it has been made mandatory by Indian Government.

(2) Digital India: Digital India project of India is an ambitious but troublesome initiative as it is suffering from numerous shortcomings. This is the reason that the Digital India project is heading towards rough waters. In fact, Digital India is the biggest digital panopticon of India so far. There is an urgent need to make it legal and constitutional.

(3) Carbanak Malware: The notorious malware Carbanak was instrumental in stealing about a Billion US Dollars from financial institutions worldwide. Vskimmer Trojan, capable of stealing credit card information from Windows systems, was already in circulation. Similarly, the Malware Dump Memory Grabber was also targeting POS systems and ATMs of major U.S. banks. These malware were creating havoc in India and international levels.

(4) Censorship By Twitter: In an unexpected move, Twitter has been censoring tweets relating to topics like Aadhaar, Digital India, etc. Till the time of writing of this post, Twitter is still censoring topics like Aadhaar, Digital India, etc.

(5) Hardware Spyware: Kaspersky has revealed that intelligence agencies have been using hardware based stealth spyware. These hard drives are manufactured by Western Digital, Seagate, Toshiba and other top manufacturers, thereby making their use a potential cyber hazard.

(6) FBI Search Warrants: Recently a proposal was made to expand the search warrant powers of FBI. Google opposed the same and openly conveyed its dissent for the proposed US Justice Department proposal to expand federal powers to search and seize digital data, warning that the changes would open the door to US “government hacking of any facility” in the world.

(7) Lenovo Adware: Lenovo has been accused of pre installing Adware in laptops thereby compromising their security. Users have complained that a programme called Superfish pre-installed by Lenovo on consumer laptops was “Adware”, or software that automatically displays adverts.

(8) Microsoft Cloud Computing: It has been reported that Microsoft has adopted a new standard for cloud privacy that commits the company to protect the privacy of customers’ data, not to use it for advertisement purposes, and to inform the customer of legal requests for personal data. Google along with other companies has been fighting against e-surveillance activities of U.S. agencies.

(9) Mobile Communications Security: Intercept has recently published an article describing that U.S. and British spies hacked into the internal network of Gemalto in 2010 that is one of the largest manufacturers of SIM cards in the world. They stole the encryption keys used to protect the privacy of mobile cellular communications across the globe. These spies mined the private communications of Gemalto engineers and employees in multiple countries, including India. However, the most interesting revelation comes in the form that GCHQ could not intercept keys used by mobile operators in Pakistan, even though Pakistan is a priority target for Western intelligence agencies. This is because Pakistanis used more secure methods to transfer the encryption keys between the SIM card manufacturers and Pakistani mobile operators.

(10) Lawyers Communications: Recently a British court ruled that the U.S. – U.K. surveillance regime was unlawful for seven years. This means that the regime has also failed to comply with the European convention on human rights. U.K. government is already facing a trial where it has been accused of unlawfully intercepted conversations between lawyers and their clients.

(11) Online Card Games: Some online gaming stakeholders in India have approached the Supreme Court of India to get clarity on the legality of online games like rummy, poker, etc. In response of the same, the Supreme Court asked the opinion of Central Government in this regard but the same has been informally denied by the Central Government. This means that till the time Supreme Court actually says that online rummy, online poker and online card games are legal in India, majority of these gaming stakeholders may be exposing themselves to legal risks and civil and criminal liabilities. Now that the Supreme Court of India has finally refused to decided legality of online poker and online rummy in India, online card games websites may be legally risky if not properly drafted and managed.

(12) Internet Safety Campaign: Indian government has announced that an Internet safety campaign would be started very soon in India. From the media reports it seems that the awareness drive would cover all stakeholders ranging from school level to government departments.

(13) Google Timestamps: In a bizzare manner, Google has manipulated the timestamp of the news titled Digital India, Aadhaar and digital panopticon of India and put the date 27-02-2015 instead of 02-03-2015. This means that news surfers looking for latest news would not get the same and after some time the news would be removed from the relevance search as well. We have also checked the date results and the news was lying on 4^th page with other news of 27^th February 2015 date. This is a strange behaviour on the part of Google and all such behavioursa of Google are catalogued at the blog titled “Unofficial Websites, News, Blogs And SERPs Censorship By Google“. A mirror of this blog is also available here.

(14) E-Mail Policy: Indian government has been struggling long to formulate and implement the e-mail policy of India. This is important for India as sensitive documents cannot be transferred out of India as per Indian laws like Public Records Act, 1993. Even Delhi High Court is analysing the e-mail policy of India and has shown its displeasure over slow action on the part of Indian government in this regard. It has now been reported that Indian government has decided to ban the use of Gmail or any other private email for official communication across all its organisations, and make it mandatory for them to migrate to email services provided by the National Informatics Centre (NIC).

(15) CISO Of India: In a significant move, the Prime Minister’s Office (PMO) has appointed Dr. Gulshan Rai as the first Chief Information Security Officer (CISO) of India. This would go a long way in ensuring critical infrastructure protection in India (PDF). We also strongly recommend that a revised Cyber Security Policy of India 2015 must be drafted by Modi Government that must address cyber security issues in a more comprehensive and holistic manner. Further, international legal issues of cyber attacks must also be considered well in advance by Indian Government. Perry4Law Organisation (P4LO) has released a research paper on international legal issues of cyber security and cyber attacks and the same can be considered by Indian Government while strengthening Indian cyber security capabilities.

(16) Anti Bullying Committee: Cyber bullying in India is a big nuisance with practically no remedies. However, things would be changed very soon with the issuance of CBSE Guidelines for Prevention of Bullying and Ragging in Schools 9^th March 2015, Reg: (D.O. No. 12-19/2012-RMSA-I) (PDF). Due to increasing cases of physical and cyber-bullying of students, Central Board of Secondary Education (CBSE) has directed all its affiliated schools to form an anti-bullying committee. The committee should comprise of vice-principal, a senior teacher, school doctor, counsellor, parent-teacher representative, school management representative, legal representative and peer educators. CBSE also directed the schools to tackle sexual abuses and strictly implement POCSO Act 2012.

(17) Technology Companies Regulations: Dealing with technology and foreign companies is a big challenge for Indian government. Whether it is taxation aspects or applicability of Indian laws to such companies, India has not been able to achieve a success in this regard so far. There is also a lack of legal framework to govern such technology and foreign companies in India as on date. At Perry4Law Organisation (P4LO) and Perry4Law’s Techno Legal Base (PTLB) we have been suggesting techno legal frameworks in this regard from time to time. We at P4LO and PTLB welcome this support of Indian Government and various stakeholders to our suggestions and recommendations from time to time. However, we strongly recommend that we need a comprehensive techno legal framework in this regard especially if we have to make the “Made in India” and “Digital India” projects successful.

(18) Killer USB: A Russian hacker/researcher created a killer USB that can crash the victim system once the modified/hacked USB is plugged into it. The basic idea of the USB drive is quite simple. When we connect it up to the USB port, an inverting DC/DC converter runs and charges capacitors to -110V. When the voltage is reached, the DC/DC is switched off. At the same time, the filed transistor opens. It is used to apply the -110V to signal lines of the USB interface. When the voltage on capacitors increases to -7V, the transistor closes and the DC/DC starts. The loop runs till everything possible is broken down.

(19) Traffic Routing: Networks and systems need to trust each other to make the Internet function in a speedier manner. If one system or service provider falters, the services of other may be hampered. In one such incidence, users around the world were not able to access Google’s service for a short period of time due to a technical glitch. Users were cut off due to the routing leak from Indian broadband Internet provider Hathway. The leak is similar to a 2012 incident caused by an Indonesian ISP, which took Google offline for 30 minutes worldwide.

(20) Grid Security Expert System (GSES): A Grid Security Expert System (GSES) of India has been proposed to be developed by Powergrid. Cyber security of automated power grids of India is need of the hour. It is only after a massive power blackout in 2012 that Indian government has woken up to the dangers of cyber attacks against Indian power sector. GSES would involve installation of knowledge based Supervisory Control and Data Acquisition (SCADA) system, numerical relays and Remote Terminal units upto 132 kV stations and the reliable Optical fibre Ground wire (OPGW) communication system at an estimated cost of around Rupees 1200 crores. The objective of the GSES is implementation of the Automatic Defense mechanism to facilitate reliable and secure grid operation.

(21) Cyber Law Due Diligence: Cyber law due diligence received a major jolt when the Supreme Court of India read down the internet intermediary due diligence requirements. The main problem seems to be reading down of Section 79(3) (b) and Rule 3(4) By Supreme Court in a manner that would be counter productive in the long run. In fact, reading down of Section 79(3) (b) and Rule 3(4) is more problem than solution as the Supreme Court erred in adopting this approach.

(22) SEBI And Cyber Security: It has been reported that SEBI has expanded the ambit of its Technical Advisory Committee (TAC) to include cyber security of the markets. CECSRDI welcomes this move of SEBI and is committed to help it in every possible manner to achieve this benign cyber security objective.

(23) E-Police Station: An e-police station in Delhi would register online FIR for motor vehicle theft cases. The pilot project of the “Motor Vehicle Theft (MVT) Application” is now accessible on mobiles and computers. Presently this facility is available only for police stations in South Delhi and the same will be extended to entire Delhi after sorting out technical glitches and other problems.

(24) Social Media Compliances: Social media websites are not complying with laws of India. India’s struggle against social media websites to fall in line with Indian laws continues even in Narendra Modi’s regime. To make the matter worst we have no social media laws in India or any effective and implementable social media policy of India. Of course, a new framework for use of social media by governmental organisations has been suggested by Indian government in the past but that is of little help in solving the present problem at hand. The real solution, according to Praveen Dalal, is formulation of a techno legal framework that can address the diverse and complicated issues of cyberspace in India. In short, social networking laws in India need clarity and codification.

(25) MPPEB Scam: MPPEB scam has become an investigation nightmare for the law enforcement agencies of India. The credibility and reliability of evidence is in question on the one hand and unresolved cyber forensics issues are on the other hand. Scientific investigation methodology is still to be used in the investigation of MPPEB scam.

(26) IT Subsidiary Of RBI: The Reserve Bank of India (RBI) has showed its commitment to fight against cyber crimes and financial frauds by declaring that an information technology driven subsidiary would be established by it to deal with cyber nuisances. This IT subsidiary of RBI would also deal with cyber security and related issues with a special focus upon banking related technology issues. The IT subsidiary of RBI would also evaluate the technical capabilities of banks that is almost missing as on date.

(27) Privacy Invasive Software: The Supreme Court of India has asked the Indian Government to clarify upon privacy invasive software and mobile applications. Supreme Court of India has taken a serious note of the software and mobile applications that can be used to extract private information from smartphones.

(28) Smart Cities In India: Smart cities in India have been proposed to be established in near future. However, smart cities in India may face cyber security and civil liberties issues that are left unresolved by Indian Government.

(29) Protection Of Good Samaritan: In a welcome move, the Narendra Modi led Government has issued Guidelines on Protection of Good Samaritan While Saving Lives of Road Accident Victims (2015) (PDF). This shows the sensitivity of Indian Government towards the precious lives that can be saved if road accident victims can be taken to hospitals as soon as possible.

We hope our readers would find this post and blog useful.

Source: P4LO.

Cyber Security Law Firms In India

About four years back, India's leading techno legal ICT law firm Perry4Law wrote about cyber security legal practice in India. The article was very clear in its message that techno legal fields like cyber law, cyber security, cyber forensics, cyber warfare, cyber terrorism, etc are not the preferred field of legal practice for law firms and lawyers in India and other countries. The main reason for avoiding cyber security legal practice was lack of expertise to manage complicated cyber security related issues. Only law firms like Perry4Law have been managing techno legal issues of cyber security, cyber law, cyber forensics, e-discovery, etc in India so far.

Then came the positive development and lawyers and law firms started exploring the areas like cyber law, cyber security, cyber forensics, etc. Although the number of such lawyers/law firms is negligible yet the growing interest in the techno legal fields would increase such numbers in future. Further, techno legal issues would also change the way traditional businesses and transactions would be carried out in future. For instance concepts like cyber insurance, online dispute resolution, e-courts, digital evidencing and e-discovery, media forensics, cyber forensics, etc would be very much used in future.

However, technology laws have their own peculiar problems. Cyber laws are generally curative in nature as against the desirable preventive requirements. They are formulated keeping in mind the crimes/cyber crimes that have already taken place instead of what cyber crimes can possibly happen in future. In short, cyber laws must be “futuristic” in nature as against “historical” in their applicability. This brings novel legal challenges before lawyers and law firms as cyber security legal practice becomes very challenging and research oriented field.

Cyber crimes and cyber attacks have increased tremendously world over. No country is safe from cyber crimes and sophisticated cyber attacks. Despite this position there is no method or procedure to asertain international legal issues of cyber attacks. Perry4Law Organisation (P4LO) has been managing the exclusive techno legal blog on international legal issues of cyber attacks and the same can be accessed here. Further, to spread public awareness in the techno legal fields, P4LO has also been providing global techno legal news and views and the same can be accessed here. A virtual law campus (VLC) has also been launched by Perry4Law's Techno Legal Base (PTLB) so that skills developments in the fields like cyber law, cyber security, e-discovery, cyber forensics, etc can be ensured for various stakeholders including lawyers.

With issues like cyber espionage and cyber warfare, the traditional armed forces and legal fraternity are now collaborating upon a very unique platform where lawyers need to have a sound knowledge of both law and technology. It seems the techno legal community alone would be able to dare to explore issues like cyber law, cyber security, etc in future.

Source: Cyber Security In India.

Virtual Law Campus (VLC) Of PTLB

Online legal education in India is still at the infancy stage. In fact, the concept of online education has not been accepted with full heart in India so far. Another area of concern is the academic nature of our educational system where there is no real choice between skills and degree. A blind race to acquire a degree would not bring any tangible benefits except unemployment and frustration. This is the reason why India must stress upon skill based education and trainings.

Skills based education and training can be effectively imparted if we adopt online education or e-learning methodology. This is more so in the legal education field that has mostly remained untouched by the use of information technology for educational purposes.

Perry4Law’s Techno Legal Base (PTLB) has been working in the direction of establishment and working of online legal education in India for long. Not only this, PTLB Virtual Campus is also providing many techno legal skills development, training and education courses in India and around the world through online education, distance learning and e-learning modes. We are also helping young school children in choosing the most appropriate courses for legal career. However, our courses have been designed for stakeholders ranging from school children to teaching faculties.

Taking these initiatives a step further, PTLB has launched two dedicated initiatives in these fields. These are launching of dedicated websites for virtual legal education campus (VLEC) of India and virtual law campus (VLC) of India by PTLB. These websites would be fully functional very soon and virtual legal education would get a new shape and meaning in India. Further, we have also launched Twitter accounts named PTLB Virtual Campus and Virtual Law Campus that would help in better coordination and information sharing between PTLB and various stakeholders.

The aim of these two initiatives and other educational projects of PTLB is to impart online legal education ranging from traditional fields to the most contemporary topics. For instance, PTLB has been managing online cyber law education in India for long. Cyber law is a contemporary legal area that requires techno legal expertise. There are very few cyber law education institutions in India and even lesser are cyber law experts in India. Thus, the demand for cyber law professionals is very great in India and other jurisdictions.

Similarly, areas like cyber security, cyber forensics, e-courts, online dispute resolution (ODR), e-discovery, etc also require qualitative educational institutions. The traditional universities or colleges are constrained by their own rules and courses but online education platforms are free to provide qualitative and customised techno legal courses.

PTLB is in the course of adding and introducing novel, qualitative and highly efficient training, skills development and education tools and technologies. We are also introducing some very unique and highly required techno legal and other courses that are not properly represented in present times. PTLB is also exploring tie ups and collaborations with universities, colleges and other online learning platforms in India and abroad.

Our initial idea is to use PTLB Virtual Campus for various techno legal courses, trainings and skills development programs like cyber law, cyber security, cyber forensics, etc. Whereas we intend to use Virtual Law Campus for legal fields and law courses that are imparted in universities and colleges. However, both Virtual Legal Education Campus (VLES) and Virtual Law Campus (VLC) would primarily cater the requirements of legal courses, trainings and skills developments initiatives though we may add other techno legal courses as well. PTLB would share more details about PTLB Virtual Campus, VLEC and VLC very soon.

Source: TLSDI.

Online Petition And Survey By CCICI Regarding Cyber Law Due Diligence In India

Interpretation and analysis of the judgment of Supreme Court of India in Shreya Singhal v. Union of India (24^th March 2015), Writ Petition (Criminal) No.167 Of 2012 (PDF) has already been started by various cyber law stakeholders of India. Most of them have based their observations upon Section 66A alone leaving aside other sections like Section 69A and Section 79 of the Information Technology Act, 2000.

However, it seems while doing justice to freedom of speech and expression in India, the Supreme Court has erred in reading down Section 79 and Rule 3 of Information Technology (Intermediaries Guidelines) Rules, 2011 (PDF) that pertains to Internet Intermediary liability and observance of cyber law due diligence (PDF) by them. In fact, it has been claimed that Supreme Court has killed cyber law due diligence in India to a great extent.  

Cyber Crimes Investigation Centre of India (CCICI), the premier cyber crime investigation centre of Perry4Law Organisation (P4LO), has been covering these issues from the very beginning. Now CCICI has taken this interpretation and effort to another level by starting an online petition and survey titled “Do We Need a Stronger Cyber Law Due Diligence in India?”

Unfortunately, most of the interpretations and observations regarding the judgment of Supreme Court were directed towards Section 66A alone and the issue of cyber law due diligence was totally ignored. This has serious ramifications for all cyber victims whose locus standi has been taken away by the Supreme Court to approach the Intermediary.

It is of utmost importance that this issue must be discussed in great detail and then taken up before the Supreme Court through a review petition. Similarly, the collective inputs can also be shared with Indian government and Parliament so that they can come up with a more potent and effective cyber law due diligence requirement in India.

If you are a cyber victim or you know a person who has been a cyber victim, please share your views through this petition and review. Your views would shape the cyber law of India and make it more meaningful. If you have ever suffered from harassment over e-mail, SMS, chatting, Social media, etc or you know a person who has been so harassed, then please share your views at the petition/survey page. Collectively let us make a responsible cyber society and culture in India.

Source: Cyber Law Blog.

Digital India And Aadhaar Related Critical Policy Suggestions And Views Of Praveen Dalal

Digital India is a promising initiative of Indian Government. However, like any new and good project, Digital India is also suffering from many shortcomings and weaknesses. It is imperative on the part of Indian Government to remove these limitations of Digital India project instead of suppressing the same. It is also important that any critical view or suggestion regarding Digital India project must not be either suppressed or censored by Indian Government or technology platforms like Google, Twitter, etc.

There are many critical opinions regarding Aadhaar and Digital India projects. It is believed that by clubbing the digital India project with Aadhaar, Indian Government has made Digital India the digital panopticon of India.

There are also many reported cases of censorship activities of Google and Twitter in India. The dissenting tweets and posts regarding Digital India were censored by both Google and Twitter repeatedly. It would be better if these companies would respect civil liberties in cyberspace in the future.

This post is sharing the critical and other views and recommendations of Praveen Dalal regarding Digital India and Aadhaar Projects that have been shared at Twitter for public at large but are not easy to find due to censorship activities. These are as follows:

(1) Use Of ICT For Women Empowerment In India Is A Belated But Good Step Under Digital India. My Opinion (2006). Source: UNPAN (PDF),

(2) Digital India Project Is Good But It Must Be Supplemented With Robust Cyber Security In Advance,

(3) Twitter Continues Censoring Digital India Related Dissenting Tweets. Source: Perry4Law News Centre,

(4) Google Is Manipulating Timestamp Of Digital India Related Dissenting News To Remove Them From Latest News Results. Source: Perry4Law News Centre,

(5) Exploring Digital India By Riding Upon M-Governance And Ignoring Shortcomings Of E-Governance And Aadhaar Is A Risky Step That Should Be Avoided,

(6) Now Google Is Flexing Its Censorship Muscles For Digital India Related Critical Tweets- Source: Perry4Law News Centre,

(7) It Is Good That Budget 2015 Has Given Importance To Digital India. Now The Govt Must Work In The Direction Of Making It Successful,

(8) The Biggest Problem Of Digital India Project Is That It Lacks A Clear Cut Policy And Implementation Plan,

(9) Twitter Is Censoring Dissenting Digital India Related Tweets In Real Time- Source: Cjnews India,

(10) E-Surveillance Projects Of India Need Parliamentary Oversight And Judicial Scrutiny- Source: CLPIC,

(11) Unconstitutional And Illegal Biometrics Collection Laws And Practices In India- Source: CEPHRC,

(12) Aadhaar Is Not A Welfare Project But An E-Surveillance Project Of Highest Nature- Source: Privacy Laws In India,

(13) Digital India Project Of India Is Heading For Rough Waters- Source: Perry4Law News Centre,

(14) Central Govt Lied To Supreme Court By Telling Aadhaar Not Mandatory For Its Services,

(15) Digital India Is Biggest Panopticon Of Human Race The Moment It Is Clubbed With E-Surveillance Tool Named Aadhaar, Source: Privacy Laws In India,

(16) Would You Like Your Children To Be Digitally Tagged Forever? If Not, Protest Against Aadhaar And Stop Its Use,

(17) Digital India By Making Aadhaar Compulsory And Illegally Clubbing It With E-Services Is Controlling Your Digital Life,

(18) Shortcomings Of Digital India Project Of India- Source: Perry4Law News Centre,

(19) Digital India Project Of India Is Heading For Rough Waters- Source: Perry4Law News Centre,

(20) Aadhaar Not Mandatory For Government Services: Central Government To SC- Source: Perry4Law News Centre, 

(21) Modi Govt Should Not Risk Wonderful Concepts Like Digital India, Made In India And Digital Locker By Clubbing Them With Aadhaar. Bad Idea,

(22) Supreme Court Must Immediately Impose An Interim Stay On States/Centre That Are/Is Making Aadhaar Compulsory,

(23) Supreme Court Must Immediately Declare Aadhaar Project As Unconstitutional- Source: CLPIC,

(24) It Is Surprising How People Can Be So Docile About Aadhaar And How Central Govt Can Fool Supreme Court So Easily With False Statements,

(25) Digital Locker Is A Legal Project Based Upon Illegal Technology Named Aadhaar- What An Irony, etc. 

This consolidate list would provide a readymade reference list of all Digital India and Aadhaar related critical views and opinions of Praveen Dalal at a single place. We hope our readers would find this post and these tweets useful and productive.

Source: IIPS.

Cyber Security Issues For India In 2015

Cyberspace is becoming a complicated zone to handle and manage. Every country is trying its level best to adjust its affairs in cyberspace. However, cyber criminals and cyber attacks are much more ahead and advance than their prevention and remedies.

India is a late entrant in cyber security field as it never gave importance to cyber security related issues. In face, the research works titled cyber security developments 2013 (pdf) and 2014 of Perry4Law Organisation have shown many weaknesses in the cyber security infrastructure of India.

The matter does not end here. The cyber security trends in India in 2015 are also not very promising. The problem with Indian cyber security initiatives is that there is neither a legal framework nor any implementable policy for the cyber security. Even the national cyber security policy of India 2013 is suffering from numerous weaknesses.

According to the projections made by Centre of Excellence for Cyber Security Research and Development in India (CECSRDI), there are many complicated cyber security challenges that are waiting for India in the year 2015. Some of the areas of concern pointed out by CECSRDI are international legal aspects of cyber security, state sponsored cyber attacks, increasing use of malware, cyber espionage, cloud computing adoption in India, mobile security and mobile governance issues, critical infrastructure protection requirements in India, etc.

These issues must be analysed keeping in mind the technology driven projects like Digital India and Internet of Things (IoT) (pdf) that have been launched without any cyber crisis management plan of India and establishment of offensive and defensive cyber security capabilities.

The cyber security trends have also projected that malware like Stuxnet, Duqu, Flame, etc would be used more aggressively in the year 2015. These malware are not only stealth but they are also too sophisticated to be detected by India. Let us hope that Indian government would consider cyber security as a top priority area in the year 2015.

IT Act To Be Amended To Accommodate E-Commerce Concerns

Information technology Act 2000 (IT Act 2000) carries provisions pertaining to e-governance and e-commerce. However, IT Act 2000 has outlives its importance and it is high time to enact dedicated laws for e-governance and e-commerce in India. This though of dedicated laws brings discomfort and uneasiness to the Indian government and hence it always chooses the easy path of bring piecemeal amendments in the existing laws. Of course, this is not a productive exercise in the long run and it brings unforeseen and unproductive results.

Now once again Indian government has decided to amend the IT Act 2000 to accommodate the e-commerce concerns. We have no dedicated e-commerce laws in India and barring few provisions in the IT Act, 2000, e-commerce in India is largely unregulated. As a result regulatory violation by Indian e-commerce websites is in abundance. In fact, e-commerce websites of India are under enforcement directorate scanner.

Indian government intends to streamline e-commerce laws in India by bringing a law in the form of Communications Convergence Bill. The government plans to modify the IT Act, 2000 to provide legal recognition for transactions carried out using electronic data interchange and other means of electronic communications in a more explicit manner. It also aims to draft a set of globally acceptable guidelines to increase the legal predictability for e-commerce and adopt the United Nations General Assembly's (UNGA) recommended Model Law on Electronic Commerce (MLFC).

This is a good policy decision by Indian government and it would bring uniformity and legal certainty among e-commerce entrepreneurs of India. 

Time To Scrap Aadhaar Project Has Come

Aadhaar initiative is one of the most draconian and unwanted initiative that has been forced upon Indian citizens by our respective governments. Whether it is Congress or BJP, both have been wasting public financial resources upon an illegal and unconstitutional project like Aadhaar.

What is really surprising is the fact that all this is happening despite the fact that the Supreme Court of India has declared that Aadhaar cannot be made compulsory by Indian government. However, government departments and authorities in India are openly flouting this direction of the apex court and are committing contempt of court.

There was a dire need for the Modi government to scrap the Aadhaar project. However, Modi government preferred to keep the project alive for reasons best known to it. Experts believe that although the Modi government has allocated a big sum for Aadhaar project yet it cannot legally spend the same upon Aadhaar project till legal and technical infirmities are removed first. Otherwise, it would be another round of booty sharing of hard earned public money.

Legality of Aadhaar project has already been questioned before many courts including the apex court of India. Till now the real intentions of Indian government has come to light. The façade of public and welfare services is no more applicable to Aadhaar project as there is no element of welfare activities in the Aadhaar project. In fact, Indian government is hiding truth from Indian citizens in this regard and is all committed to violate our civil liberties.

There is no doubt that privacy is a basic human right that no government can take away. However, Indian government is not respecting this human right and is indulging in illegal and unaccountable e-surveillance and snooping. Instead of ensuring privacy rights in India, India is supporting countries like US for illegal e-surveillance upon Indian citizens.

Modi government must not fool Indians by portraying Aadhaar as a welfare project and must scrap the same till proper constitutional and legal safeguards are put in place. Indians must not enroll for Aadhaar no matter whatever arm twisting tactics are adopted by the Indian government in this regard.

International Cyber Security Cooperation

Cyber security is a complex mechanism that combines both technology and legal aspects. Further, cyber security also involves conflict of laws in cyberspace on the one hand and civil liberties protection in cyberspace on the other hand. The former is involved when the conflicting laws of two nations are involved that is usually the case these days. The latter comes into picture when the cyberspace policy of a nation is used to the detriment of the other as usually happens in the case of e-surveillance activities. Naturally international cooperation in the field of cyber security is need of the hour.

As far as India is concerned, the cyberspace landscape of India is fast changing. According to law firm Perry4Law, the cyber security breaches in India would raise complicated cyber security issues. The cyber security breaches need a mandatory reporting mechanism in India.

Similarly, with the active use of e-governance in India, cyber security of e-governance services in India must also be ensured. Indian cyberspace must be protected on a priority basis but this would create many techno legal cyber security challenges before the Narendra Modi government.

As cyber security breaches are increasing world over, both national and international stakeholders must deliberate upon this issue. The sooner this is done the better it would be for the cyberspace at large.

Indian Android Application Would Help Hearing And Speech Impaired People

India has not been very receptive to the plights and rights of disabled population. Whether it is educational institutions or public employments, disabled population in India is always at the disadvantageous position. Whatever little efforts that have come to rescue of these people they have come from private individuals with no profit motive. One such initiative has been undertaken by a team of four girls from the Vishwakarma Institute of Information Technology (VIIT) who have developed an android application to bridge the communication gap that exists between hearing and speech impaired people and normal beings. 

In an attempt to utilise their technical skills for a social cause, four students in their final year of engineering—Apeksha Bhat, Shubhangi Yerolkar, Nisha Advani and Sayali Bora—have developed this app that may prove handy. Their efforts need to be taken further on a large scale and in other directions as well.

The application in question converts the sign language into speech that will help a hearing and speech impaired person talk to people who do not understand sign language. Conversely, the hearing and speech impaired person can know what the other person speaks as the application also converts verbal language back into sign language. 

Talking about what differentiates their app from others in the market, Bhat says, “Designing an app in Hindi and only using the Indian Standard Sign Language was the most-difficult aspect of the whole development process. It is this feature that distinguishes our app from the others in the Android market and serve a similar purpose”.

For the project, the girls visited the Aadhar Deaf School located at Bibvewadi, Pune, where they researched to understand the special needs of the hearing impaired students. “Sitting in their classrooms, interacting with their faculty and the principal was an eye-opener for us. We were inspired to contribute in whatever small way we could to bridge the communication gap between them and us,” said Yerolkar. While encourage the initiative, Bilavari Karkare, principal, VIIT, Pune, has asked the college management to sponsor a smartphone with the app installed to the Aadhar Deaf School.

I hope Indian government would encourage these courageous and public spirited young girls in the larger interest of Indian population that needs special facilities.

Sanjam Garg Invents Cryptography Technology That Makes Computer Programme Code Unintelligible While Preserving Its Functionality

Encryption technology is being considered to be a good solution of many online evils. Encryption can protect individuals and companies from cyber threats, intellectual property thefts, corporate and cyber espionage and so on. Encryption can also help in protecting the intellectual property.

Protection of a software source code is considered to be a tedious job. The problem is that if we encrypt the source cod of software it may hinder its functionality and may render it useless. Sanjam Garg, a graduate of the Indian Institute of Technology, Delhi, has solved this problem and won the 2013 Doctoral Dissertation Award for developing a technique to protect such source codes.

He invented a breakthrough cryptography technology that enables the first secure solution to the problem of making computer programme code “unintelligible” while preserving its functionality. This problem, known as software obfuscation, conceals the programme's purpose or its logic in order to prevent tampering, deter reverse engineering, or pose a challenge to readers of the source code.

Garg described new mathematical tools that serve as key ingredients for transforming a program into a “jigsaw puzzle” of encrypted pieces. Corresponding to each input is a unique set of puzzle pieces that, when assembled; reveal the output of the programme. Security of the obfuscated programme hinges on the fact that illegitimate combinations of the puzzle pieces do not reveal anything.

New Company Law Of India And Cyber Obligations

Corporate law firm Perry4Law has provided a list of provisions of the Companies Act, 2013 and the rules 2014 under it. These rules and relevant provisions have been notified by Indian government from time to time. They have become operations from today i.e. 01-04-2014 hence Indian companies are required to make necessary compliances with them in due course of time.

The new company law has prescribed many techno legal compliance requirements that were not there in the old law. Thus, cyber law due diligence cannot be ignored by Indian companies anymore. Even cyber security requirements have been prescribed by the new company law. Very soon cyber security breaches notification would become mandatory in India and this would raise serious cyber security issues for Indian companies. Corporate frauds investigations are also going to increase due to increasing cyber crimes and cyber contravention among Indian companies.

The new company law regime prescribes management and inspection of documents in electronic form, electronic voting, electronic notices, etc that require a techno legal compliance on the part of Indian companies.  Corporate stakeholders would find these notifications by Indian government worth considering in this regard:

(1) Indian Companies Act, 2013 (PDF)

(2) MCA Notification Dated 26-03-2014 (PDF) Regarding 183 Sections of Indian Companies Act 2013

(3) Table Containing Provisions Of Companies Act, 2013 As Notified Up To Date And Corresponding Provisions Thereof Under Companies Act, 1956 (PDF)

(4) Roll Out Plan Of Various Forms Under The Companies Act, 2013 And Continuance Of Forms Under The Provisions Of Companies Act, 1956 (PDF)

(5) Companies 2nd (Removal of Difficulties) Order, 2014 (PDF)

(6) Companies (Appointment and Qualification of Directors) Rules, 2014 (PDF)

(7) Companies (Corporate Social Responsibility Policy) Rules, 2014 (PDF)

(8) Companies (Incorporation) Rules 2014 (PDF)

(9) Companies (Share Capital and Debentures) Rules, 2014 (PDF)

(10) Companies (Accounts) Rules, 2014 (PDF)

(11) Companies (Declaration and Payment of Dividend) Rules, 2014 (PDF)

(12) Companies (Management and Administration) Rules, 2014 (PDF)

(13) Companies (Meetings of Board and its Powers) Rules, 2014 (PDF)

(14) Companies (Prospectus and Allotment of Securities) Rules, 2014 (PDF)

(15) Companies (Registration of Charges) Rules, 2014 (PDF)

(16) Companies (Specification Of Definitions Details) Rules, 2014 (PDF)

(17) Companies (Adjudication of Penalties) Rules, 2014 (PDF)

(18) Companies (Miscellaneous) Rules, 2014 (PDF)

(19) Nidhi Rules, 2014 (PDF)

(20) Rules under Chapter XIV of Indian Companies Act, 2013 pertaining to Inspection, Inquiry and Investigation (PDF)

(21) Suggestions Regarding Rules Pertaining to Inspection, Inquiry and Investigation (SFIO) by Perry4Law (PDF)

(22) Cyber Law Due Diligence Requirements For Indian And Foreign Companies (PDF)

This list would be updated from time to time by Perry4Law. Please bookmark this page so that you can have updated information about Indian Companies Act, 2013 and Rules/Notifications made thereunder form time to time.

Telecom Environment In India Is Changing

Indian telecom environment is all set for a big overhaul after many scams and irregularities. On the one hand Indian government is encouraging electronic system design and manufacturing in India whereas on the other hand it is fine-tuning the telecom regulatory environment of India. The new merger and acquisition (M&A) guidelines issued by Indian government is seen as a pro active step by many telecom stakeholders.

The FDI policy for telecom sector of India 2014 (PDF) has also been made liberal by enhancing the limits of FDI in telecom sector of India. Indian government has also given approval to establish two semiconductor wafer fabrication manufacturing facilities in India (PDF).

At the same time regulatory compliances have also significantly increased in India in the telecom related fields. For instance telecom due diligence compliances is required to be ensured by foreign investors and those interested in M&A with Indian companies. Further, telecom stakeholders exploring the M&A route must also comply with the Internet intermediaries requirements and cyber law due diligence requirements (PDF) as prescribed by the Information Technology Act, 2000 (IT Act 2000).

The reaction of national and international telecom stakeholders are mixed in nature. Some have considered these steps as reformatory while others believe that these steps would not make much change in the existing circumstances and telecom environment. Only time would tell who is right in this regard.

M-Health Sector Of India Needs Regulatory Reforms

The healthcare sector of India is heading towards a big growth trajectory. Reports from many research organisations have shown that if India takes care of some health related aspects, then India can be greatly benefitted by this healthcare revolution. The corporate environment of India is also changing this is a good sign for healthcare industry of India.

Regulatory environment of India needs to be streamlined to make this revolution a reality. Presently, the m-health related legal violations in India are on rise as the m-health entrepreneurs in India are violating Indian laws while conducting their businesses.

Mobile handsets are increasingly being used to delivery numerous services in India. From mobile banking to online ticket reservations, everything can be managed from mobiles these days. The health sector is also utilised mobile technology to expand its services to areas that are not available through traditional medical science methods.

Mobile health or m-health is a contemporary concept in India. It has tremendous reach and it can reach even to the remotest areas of India where the traditional medical facilities cannot be provided.

However, along with increasing use of m-health in India its use must be suitably regulated by Indian government. Although we have no dedicated m-health laws in India yet m-health is presently regulated through legal provisions that can be found in different legislations.

According to New Delhi based ICT law firm Perry4Law, m-health legal requirements are not duly complied with by the m-health service providers of India. Legal compliances for privacy, data protection, data security, cyber security, cloud computing compliances, etc are still not adhered to by a dominant majority of m-health service providers in India, says Perry4Law.

This would make these m-health service providers liable to multiple legal proceedings and cases. M-health service providers are internet intermediary within the meaning of Intermediary guidelines as prescribed by Indian government.  They are also required to follow cyber law due diligence so that civil and criminal provisions under the information technology act 2000 cannot be invoked against them.

Judged by these legal standards, it is obvious that the m-health service providers in India and not complying with legal requirements at any stage and of any level. This would make them vulnerable to a host of legal actions when Indian government would become aware of these illegalities and irregularities.