Thursday, December 23, 2010

Investigation Agencies Of India Need Techno Legal Trainings

In this article my friend V.K.Singh has analysed the requirements of effective techno legal trainings of law enforcement agencies, CBI and intelligences agencies so that they can perform their duties more efficiently. These agencies also need good techno legal skills so that instead of demanding for weak encryption standards in India they may be able to deal with them in all situations.

Central bureau of investigation (CBI), India has learnt the cyber security lessons the hard way. It website has been claimed to be defaced by Pakistani crackers. It has been more than 20 days since the website of CBI was defaced. However, the initial defacement has raised a more serious issue.

The issue pertains to lack of cyber security capabilities of India in general and CBI in particular. India has been negligent in developing cyber security capabilities. Even if Indian ministers and bureaucrats talk about cyber security, it primarily pertains to website defacement.

Cyber security is a very wider and holistic concept. It has little to do with website defacement but primarily addresses the security of the entire cyberspace architecture. Surprisingly, CBI website is still offline and is down. Even the heavyweight departments like department of information and communication technology (DIT), India, national informatics centre (NIC), India, Indian computer emergency response team (CERT India), etc failed to do anything in this regard.

This has come as a severe blow to the cyber capabilities of CBI. A black spot on the otherwise good performance of CBI is lack of knowledge about techno legal issues like cyber law, cyber security, cyber forensics, etc. CBI must urgently develop cyber security and techno legal expertise.

For the time being there is no escape from the conclusion that law enforcement agencies and investigation agencies of India lack techno legal expertise in the fields like cyber law, cyber security and cyber forensics. This has drastically reduced their capabilities to solve cyber crimes through latest investigative technologies. They need good and effective training in this regard.

However, what is more worrying is the fact that even DIT, NIC and Cert India are no better situated. The website of CBI is a classic example of the same where India is hiding its lack of cyber capabilities behind the façade of security audit. After all security audit does not take months or years to finish if proper expertise is there.

This situation has created a serious threat to critical ICT infrastructure protection of India. With the present speed and efforts, Indian cyberspace is really vulnerable to all sorts of cyber attacks. India must immediately formulate an effective cyber security policy and follow the same in letter and spirit.

Saturday, December 18, 2010

Telecom Policy Of India Is Anti Common Man

Department of telecommunications (DoT) India has been in controversies these days. These controversies were bound to arise due to defective, arbitrary and user unfriendly policies and strategies of DoT.

The telecom policy and respective notifications under the same, as issued by DoT from time to time, are seldom in public interest and are never for the benefit of telecom consumers. These policies are primarily drafted for the benefit of big telecom companies and self serving interests of DoT India.

Take few examples in this regard. Telemarketing nuisance is a well known fact in India. Neither DoT India nor telecom regulatory authority of India (TRAI) has done anything in this regard. Telemarketing woes and harassment would continue in India for at least five more years.

Similarly, the reverification requirements of DoT are arbitrary and anti consumer. Even if a person has deposited all her documents at the time of getting a connection, service providers like Vodafone India are harassing its users by passing the buck to DoT. If DoT does not take any action against companies like Vodafone, naturally DoT is the main culprit for harassing mobile users in India.

Another example is the number portability in India. DoT is extending the deadline for number portability in India from time to time. This gives mobiles users of India limited choice and force them to stick to their present service providers.

It seems the telecom policy of India is not at all meant for the common man. On the contrary it is harassing and troubling the common man.

Friday, December 17, 2010

Vodafone India Is Loosing Its Customers Over Reverification Issue

Vodafone India’s services are not upto the mark and its customer care services is even worst. The latest to add to the woes of Vodafone’s users is the reverification drive that has harassed many Vodafone customers. Surprisingly, even after submission of proper and complete documents, Vodafone customers are again asked to resubmit the same.

This has also damaged the reputation and trust of Vodafone and after the number portability comes into force, a dominant segment of Vodafone customers may switch to other mobile service providers.

Noted lawyer Praveen Dalal has even sent a legal notice to Vodafone India regarding its reverification process. After the legal notice, Vodafone India tried to pass the buck to department of telecommunication (DoT) India.

It seems Vodafone India has been negligent in handling the sensitive document of its users and thereby makes these users vulnerable to frauds and identity thefts.

Companies like Vodafone India are misusing the concepts of national security and public interest by citing DoT regulations. DoT has nowhere mentioned that Vodafone must dump the document submitted along with the connection and ask for them again and again.

By disconnecting user’s connections, Vodafone India is also violating the consumer laws of India and is engaging in unfair trade practices.

DoT, India must initiate an inquiry in this regard especially where the original documents submitted with Vodafone India have gone? In fact, these lost documents may pose many security related problems as well.

The matter has been brought to the knowledge of DoT Minister Mr. Kapil Sibal by Praveen Dalal and let us hope Mr. Sibal would bring some order in the otherwise unregulated world of Indian telecom sector in general and Vodafone India in particular.

Monday, December 13, 2010

Vodafone India Playing Security And National Interest Card

In this “Guest Column”, Praveen Dalal, Managing Partner of Perry4Law, shares some insights regarding the reverification drive of DoT India and service providers like Vodafone.

At last I got some insight about the “Reverification Drive” of Department of Telecommunication (DOT) India and mobile service providers like Vodafone. A person named Rahul Sindwani of Customer Care, Vodafone, finally contacted me to explain the rationale for unilateral disconnection exercise of mobile services of Vodafone India in the name of “Reverification”.

He informed that as per DOT guidelines they have instructions to disconnect all cellular connections, whose documentation is found non-complaint by the “authorities”. Now this is interesting on at least two counts. First, Vodafone has passed the buck upon DOT India for this whole mess. Secondly, who are these “Authorities” that see whether the documents in question are complaint or non complaint? Is it DOT, India or the Security and Intelligence Agencies?

It also raise an important question that if complete and proper documents in question have already been submitted at the time of getting connection, why Vodafone/DOT are again asking for the same? Without knowing who checked our documents and what deficiencies, if any, have been found by them, it is very difficult to believe the argument of DOT/Vodafone regarding lack of proper documentation. Perhaps, it is high time for a Right to Information Application (RTI Application) against DOT/Vodafone.

Vodafone also played the classic card of “Security” and “Public Interest” for this whole mess. Where is “Public Interest” in harassing law abiding and honest citizens and what “Security” purposes it is going to serve?

Meanwhile, I have once again communicated with Vodafone and asked for further details like the rationale for resubmission of documents, by whom my documents have been analysed, who are the authorities that analyses the documents, how would Vodafone indemnify the users whose documents have been misused and why should not a Consumer Case and Civil Proceeding be started against Vodafone.

I hope I would get some good, concrete and logical answers this time and not another eye wash response by Vodafone. Of course, the option of filing an RTI Application to elicit truth is always available to me.

Vodafone India Served Legal Notice For Reverification

In what seems to be a much required development, Praveen Dalal, a Supreme Court Lawyer, sent a show cause cum legal notice to Vodafone, Delhi regarding illegal and unreasonable demand for deposit of documents for reverification that have already been submitted by millions of Indians, including him.

It is also learnt that e-mail has also been sent to Minister Kapil Sibal in this regard bringing to his notice the arbitrary manner in which the entire reverification exercise is conducted by Vodafone, Delhi.

Mobile service provider like Vodafone have been using unreasonable and arm twisting techniques of disconnecting the connections of law abiding and honest users who have already submitted all the required documents at the time of getting connection.

Further, there is no assistance of any sort from Vodafone customer care that never replies back to the grievances of its users. This is definitely against the license terms and conditions that asks service providers like Vodafone to provide qualitative services to its users and resolves all their grievances and disputes.

In the past the department of telecommunications (DoT) has been too friendly with telecom companies and this is the reason why controversial issues like 2G scam took place.

DoT India must establish a procedure where the illegal and unreasonable practices adopted by telecom service providers can be analysed and curbed. Presently, the service providers have a free hand and this is a nightmare for the end users.

With Kapil Sibal as the new Minister, we can expect efficiency, transparency and accountability of telecom dealings. Although he has much more important tasks at hand, it would be a good idea if he analyses the reverification menace created by service providers like Vodafone as well.

Sunday, December 12, 2010

Complaint Against Indian Department Of Telecommunications Filed At DARPG

Department of telecommunication (DoT) India has issued instructions to mobile service providers to “reverify” it pre paid connection subscribers. Even if a consumer had duly submitted relevant and complete documents at the time of pre paid connections, she is again asked to resubmit the same.

This is against the principles of good governance and is a bad policy decision as it is harassing law abiding and honest people. So far millions of connections have been disconnected due to this paranoid drive of DoT, India.

In a welcome step, Praveen Dalal, Supreme Court Lawyer, filed a complaint at DARPG against DoT/Vodafone. He has also sent a show cause cum legal notice to Vodafone.

He has maintained that this process of reverification is violating the consumer law and other laws of India. He has also raised issue of “indemnification’ in case either the previously submitted documents or newly asked documents are misused by any person.

In case of misuse, both mobile service providers like Vodafone and DoT India must be held responsible for the loss arising out of misuse of such documents.

If this drive of reverification continues, consumer cases and civil proceeding may be filed by thousands of people and this situation must be avoided by government of India. When the national litigation policy of India (NLPI) is looking forward for fewer litigation matters, bad policy decisions by DoT India may frustrate the whole purpose.

Saturday, December 11, 2010

Critical ICT Infrastructure Protection In India

Critical infrastructure protection (CIP) in India (CIP in India) is an essential part of homeland security of India. Homeland security is assuming importance these days in India. However, homeland security of India needs urgent rejuvenation as the same is not up to the mark. As the concept is new, it would be fair if India take two or more years to streamline its homeland security.

Further, cyber security issues are also closely related to homeland security of India. On the front of cyber security as well India has to cover a long distance. India must develop cyber security capabilities as soon as possible.

Cyber Security and Homeland Security are in infancy stage in India, says Praveen Dalal, Managing Partner of Perry4Law and leading techno legal expert of India. Both of them are very important to preserve India’s Critical ICT Infrastructure Protection. Further, India also needs a separate Framework for Cyber Security, CIP and Homeland Security issues, suggest Praveen Dalal.

With the growing cyber threats against India like cyber terrorism, cyber warfare, cyber espionage, etc, it is very much required to have good cyber security strategy in India. India also needs to formulate suitable ICT policy covering all these crucial issues.

However, of all the requirements the most important one pertains to techno legal skill development in India. Indian government or its agencies do not have sufficient numbers of skill workforce to deal with issues like cyber law, cyber security, cyber forensics, cyber warfare, cyber terrorism, cyber espionage, etc.

We have just a single techno legal cyber security research, training and education centre (CSRTCI) in India. The CSRTCI is managed by Perry4Law Techno Legal Base (PTLB), one of the techno legal segments of Perry4Law and spearheaded by Praveen Dalal himself.

Finally, India has also not shown much interest in formulation of techno-legal crisis management plan (CMP). Although many talks in this regard have been undertaken, a concrete action in this regard is still awaiting.

Home Minister P Chidambaram must take initiative regarding cyber security, cyber forensics, cyber warfare, etc. Home Ministry is currently undertaking projects like Natgrid, CCTNS, etc and it would be a good idea to cover areas like CIP, homeland security, and CMP as well.

Monday, December 6, 2010

Police, Lawyers And Judges Training In India By PTLB

Technology related or digital issues are not popular either among the legal or among the judicial community of India. This is the reason why cyber law and cyber forensics related issues are seldom found mention in the courts. However, the future belongs to technology related disputes and their resolution.

While foreign countries are giving lots of emphasis to cyber related education and training, India is not doing enough in this regard. Crucial training areas like lifelong learning or continuing legal education (CLE) are still missing in India.

The bar council of India (BCI) is the main authority that is responsible for improving standards of legal professionals in India. Till now, BCI has not been able to materialise its objective of providing scientific and technical professional training to lawyers in India.

The problem seems to be lack of management and expertise in this regard in India. Even Law Ministry of India has not been able to contribute significantly in this direction. Although Law Minister Veerappa Moily has promised many legal and judicial reforms, yet they are still in pipeline. Till these reforms are actually implemented, legal and judicial standards in India cannot improve.

Even the law enforcement agencies of India are not aware of cyber crimes and cyber law related issues. They do not know how to deal with cyber related issues much less how to handle digital evidence. There is also lack of proper cyber law and cyber forensics training for law enforcement agencies of India.

On the other hand, other nations are working really hard in this regard. Take the example of U.S. Attorney's. The U.S. Attorney's Office has sponsored its first "Cyber Crime, Electronic Evidence, and Cyber Security Training" for local and federal law enforcement officials. The purpose of the training is to equip law enforcement agencies of US to deal with cyber crimes.

Investigation of cyber crimes, use of digital evidence and lawful search and seizure of computers is very essential for law enforcement agencies. At Perry4Law Techno Legal Base (PTLB) we provide techno legal research, training and education to law enforcement agencies, public prosecutors and lawyers, judicial officers, corporate executives, law graduates, professionals, etc.

The best part of these trainings is that they are all managed in an online environment through our “Online Platform”. Application form for the enrollment to various courses, internships and trainings can be downloaded from here. You must duly fill the form and submit the same along with the prescribed fees. For more details regarding the fees, duration of courses, natures of courses, etc see the FAQs.

Sunday, December 5, 2010

Cyber Security Of India Is In Bad Shape

The recent defacement of the website of central bureau of investigation (CBI), India has once again shown the weakness of cyber security of Indian government websites. To further embarrass the situation, the website of CBI is still not operational.

However, besides the weak cyber security, India is also suffering from grossly deficient cyber law and inadequate cyber forensics capabilities. There are many reasons why Indian cyber law, cyber security and cyber forensics failed. But the prime reason for the failure of cyber law, cyber security and cyber forensics in India is lack of interest of Indian government and Parliament of India. It seems India has turned a blind eye towards these crucial issues.

Further, industrial lobbying has been weakening Indian economy and Indian national, internal and external security. Even the policy issues of cyber law, cyber security and cyber forensics have been greatly influenced by industrial lobbying to the detriment of national interest of India.

According to Praveen Dalal, Managing Partner of techno legal ICT Law Firm Perry4Law and Supreme Court Lawyer, India is not very sensitive towards cyber law, cyber security and cyber forensics requirements. The IT Act 2000 is a poorly drafted law and badly implemented legislation. It is weak and ineffective in dealing with growing Cyber Crimes in India as it is the most “Soft and Cyber Criminal Friendly Legislation” of the World. There is an urgent need to “Amend” the present Cyber Law of India and make it Robust, Effective and Stringent, suggests Praveen Dalal.

So why is there a gloomy picture of cyber law, cyber security and cyber forensics issues in India? This is because there is a lack of adequate research and training in these crucial fields. Barring few exceptional training institution, India is not good at training of its manpower in field like cyber law, cyber security and cyber forensics. Further, there is just a single techno legal cyber security research, training and educational centre in India (CSRTCI) managed by Perry4Law Techno Legal Base (PTLB).

Absence of skilled manpower leaves India vulnerable to cyber attacks including cyber terrorism, cyber warfare, cyber espionage, etc. The fact is that we are not at all prepared to tackle issues like cyber terrorism and information warfare.

The threats of cyber terrorism in India are increasing and India is not prepared to deal with the same. We are also not serious about information warfare against India. Even the critical ICT infrastructure protection in India needs special attention.

It is high time for India to consider these issues as soon as possible and come up with a good and effective cyber security policy in India.

Thursday, December 2, 2010

UID Project And UIDAI Are Instrumentalities Of Social Oppression

Aadhar project of India or UID project of India is often portrayed as a tool of social inclusion. But this is just a façade. The truth is that Aadhar is a tool and instrumentality of social oppression and social exploitation of Indians.

To achieve this exploitative purpose, unique identification authority of India (UIDAI) has been established. Despite the ferocious protests by civil liberty activists, neither Aadhar project nor UIDAI are empowered by a legal framework. Even the National Identification Authority of India Bill 2010 (Bill) has failed to provide adequate safeguards against privacy violations and data breaches.

Interestingly, even if the Bill proposed by UIDAI is made an enforceable law, it still remains unconstitutional. According to Praveen Dalal, Supreme Court Lawyer and leading Techno Legal Expert of India, even if the Bill becomes an enforceable piece of Legislation, it still is vulnerable to the attacks of “Unconstitutionality”. In the absence of “Proper Laws and Adequate Safeguards”, both Aadhar Project and UIDAI would remain “Unconstitutional”, warns Praveen Dalal.

The privacy rights issues are currently pending before the Supreme Court of India. It would be a good idea to strengthen Privacy and Data Protection Laws of India by “Judicial Activism” in the absence of “Parliamentary Will”, suggest Praveen Dalal.

Behind the façade of social inclusion and welfare scheme, the naked face of Aadhar and UIDAI is very apparent. Aadhar project is an instrumentality of e-surveillance in India. Its only purpose is to serve the unlawful interests of intelligence agencies of India and law enforcement demands in India.

Let us not be fooled by the façade of social inclusion and welfare scheme and ask the government of India to enact suitable and adequate privacy and data protection laws before Aadhar is fully operational in India.