Trained Cyber Police Force Of India Is Needed

Modernisation of police force of India is an issue that has not received much attention of Indian government in general and ministry of home affairs of India in particular. Even the so called cyber crime cells of India lack expertise in fields like cyber law and cyber crimes. The truth is that police in India needs urgent cyber law training.

Perry4Law Techno Legal Base (PTLB) of Perry4Law has been providing techno legal cyber law and cyber forensics trainings for law enforcement, lawyers, judges, corporate CEOs, etc. PTLB is the exclusive techno legal training institution of India that provides a combination of technical and legal trainings to various stakeholders.

Cyber crimes in India are increasing and victims of such cyber crimes have virtually no redress. Neither the police officials nor the courts are well trained to deal with high tech crimes in India.

Merely opening few cyber crime cells in some states would not serve the purpose. Even opening of such cyber crime cells in all parts of the country would not serve any purpose. What is the purpose of opening such cells if they cannot investigate cyber crimes and book the cyber criminals for various cyber crimes?

Till now the sole techno legal cyber forensics research, training and educational centre of India is managed by PTLB and Perry4Law. This cyber forensics centre of India has been providing cyber forensics best practices in India and is also disseminating techno legal information regarding cyber law, cyber security, cyber forensics, cyber espionage, cyber terrorism, human rights in cyberspace, etc at national and international level.

We need more training institutions on the lines of PTLB/Perry4Law. Further, it is high time for Indian government to work on a public private partnership model that can include techno legal institutions/firms like PTLB/Perry4Law.

Privacy And Data Protection Law Firms In India

Of late, privacy and data protection issues have assumed importance from the commercial and legal point of views. Commercially privacy and data protection are required to be protected to retain strategic advantage. Legally privacy and data protection are required to be protected under the laws of various jurisdictions.

Privacy is a concept that is unknown to Indian culture. However, slowly and steadily it has started gaining importance. When i talk about privacy, it not only includes the traditional privacy requirements but the more demanding requirements of our present times as well.

In the age of Internet and social networking, privacy has assumed a totally different meaning. There are many privacy violations in cyberspace and the role of good techno legal lawyers and law firms is very apparent in punishing the offenders.

According to B.S.Dalal, partner at New Delhi based ICT and IP law firm Perry4Law and a techno legal expert, “Techno legal privacy protection, data protection and data security lawyers and law firms are limited in nature. As far as India is concerned, we have no dedicated privacy, data protection and data security law. This is a serious limitation that is resulting in poor privacy, data protection and data security legal practice in India”.

However, sooner or later regulatory framework for privacy and data protection in India would be required. Further, disputes regarding privacy and data protection would also increase in future. This would require techno legal expertise on the part of lawyers and law firms.

The outsourcing industry must pay a special attention to the techno legal requirements of privacy, data protection and data security issues. Perry4Law and Perry4Law Techno Legal Base (PTLB) have strongly recommended formulating and adopting best practices by stakeholders in this regard.

The Search Engine Quality Of Google Is Deteriorating

Up to some time before, Google was considered synonymous with search engine results. However, the picture is fast changing now when competitors are fast catching up with the quality of Google and are challenging its market share.

Have you noticed that the search results in Google search engine do not reflect the correct and true picture? If you are a blogger and using the blogspot platform, you must have also realised that your posts are appearing only after a period of 2/3 days.

Further, in the past there are clear cut examples of Google censoring and filtering news and search results, at least in India. Further, Google has also been messing up with search placements whether by default or otherwise.

Now consider the search engines like Yahoo, Bing and DuckDuckGo. They have acquired a good reputation and goodwill among the users due to their consistency and lack of censorship activities.

I analysed the four search engines with a common search query and was surprised to find how Google simply does not index the blog posts that were immediately picked up by other search engines.

I also checked the webmaster tool of Google but there were no indexing errors or errors of other type that could have resulted in non indexing or poor indexing of blog posts. Naturally, either Google’s algorithm has been deteriorated to a level that would ultimately affect it reputation and usage or it is deliberately censoring and manipulating the results.

Either way this is too much for users like me who prefer to shift to other search engines for getting legitimate, genuine and good results. My personal ranking for search engines, for the time being, is Yahoo, DuckDuckGo, Bing and Google.

Cyber Security Law Firms In India

Technology has brought its own share of legal challenges for both law makers and lawyers. For law makers, technology has posed a challenge of enacting suitable laws that can meet the challenges of misuse of technology. For lawyers, technology has come as an unexplored area that they have to understand, apply and argue in courts and corporate environment.

Take the example of India. There are very few cyber law firms in India or cyber law lawyers in India who can understand and apply the same. Even the cyber law consultants in India are handfuls that are serving the corporate entities.

One area that has recently interested the legal community pertains to cyber security. Although cyber security as a legal field has started gaining attention of foreign lawyers and law firms yet cyber security law firms in India or cyber security lawyers in India are still missing.

Of course, exception in the form of Perry4Law and Perry4Law Techno Legal Base (PTLB) can be found in India. Perry4Law is the exclusive techno legal ICT and IP law firm of India that has acquired international reputation in the fields like cyber law, cyber security, cyber forensics, etc.

B.S.Dalal, partner at Perry4Law opines, “One positive development that I have recently noted about these techno legal fields is that lawyers and law firms have started exploring the areas like cyber law, cyber security, cyber forensics, etc. Although the number of such lawyers/law firms is negligible yet the growing interest in the techno legal fields would increase such numbers in future”.

Further, techno legal issues would also change the way traditional businesses and transactions would be carried out in future. For instance concepts like cyber insurance, online dispute resolution, e-courts, digital evidencing and e-discovery, media forensics, cyber forensics, etc would be very much used in future, says B.S.Dalal.

Indian legal fraternity must start exploring techno legal fields that would take tremendous time, energy and efforts to understand and apply. The sooner it is done the better it is for the legal fraternity of India.

Want Better Search Results Try DuckDuckGo and Yahoo

Of late the search results of Google India have messed up badly. If you are a blogger who is blogging for years, you must have already noticed poor placement of your blog posts at Google’s search engine.

As a matter of fact other search engines like DuckDuckGo, Yahoo and Bing are producing much better results. There can be many reasons for this poor listing of blog posts at Google.

These include censorship on behalf of Google under government pressure, manipulation by rouge employees at Google, spam blog posts by a particular blogger, discrimination in favour of commercial entities by Google, poor search engine optimisation (SEO) by concerned blogger, non qualitative and repetitive contents, etc.

Initially it was content farming and splogs that caused trouble for Google, now its poor search algorithm is bringing bad name for it. Google must pay special attention to its Indian operations as they are not up to the mark and are not meeting the Google’s philosophy and corporate policy.

In these circumstances it would be a better option for SEO companies and bloggers to target other search engines like DuckDuckGo, Yahoo, Bing, etc as presently they are providing more relevant, unbiased and specific search results than Google.

Serious Fraud Investigation Office (SFIO) Of India Would Get More Powers

Serious fraud investigation office (SFIO) is a corporate fraud investigating body under the ministry of corporate affairs (MCA), India. SFIO has been seeking broader powers to carry out investigations abroad. Now the MCA is considering this proposal of SFIO that would allow it to trail funds abroad.

Lack of such powers has also been hampering SFIO’s investigations into the multi-crore Satyam fraud as the company has operations in other countries also. Set up in 2003, the government plans to give the SFIO more teeth in the new Companies Bill, which was tabled in Parliament last August.

A permanent cadre for the SFIO is also under consideration to ensure more stability to the body. Diversion of funds is a Companies Act violation, but when funds are hived off abroad it becomes a hawala transaction, and falls under the ambit of the Enforcement Directorate.

The proposals to give SFIO more teeth for investigation are mostly based on the recommendations of the V Vepa Kamesam Committee. Giving the SFIO powers to trail illegal money stashed away abroad is, however, not part of the committee's suggestions.

The eight-member committee had suggested that the SFIO be given exclusive jurisdiction to probe and prosecute entities involved in financial frauds, besides also probing cases related erring entities/individuals like chartered accountants and company secretaries.

The committee is of the opinion that power of search and seizure, and attachment should be entrusted with the SFIO as available with the Income Tax authorities, Customs, Enforcement Directorate etc.

It has also suggested that the SFIO be empowered to take up a case suo moto and even on a source-based information if a fraud has been committed. The committee has also called for the SFIO having flexibility to outsource the services of experts like chartered accountants, legal experts etc and officers joining the investigating agency on deputation be ensured protection of their existing pay and allowances.

UIDAI Served With Legal Notices Challenging Its Constitutionality

Aadhar project of India is managed by Nandan Nilekani led unique identification authority of India (UIDAI). It has always remained in controversies since it has been launched.

Neither Aadhar project nor UIDAI are governed by any legal framework and parliamentary oversight. Aadhar project and UIDAI are purely executive projects with no constitutional sanctity. In fact Aadhar project and UIDAI are operating in an “unconstitutional manner”. Even the Prime Minister of India, Dr. Manmohan Singh, has not given a serious thought to the Aadhar project and UIDAI.

Now legal notices have been served upon UIDAI questioning its credentials and constitutionality. The notices have asked the legal sanctity behind the process of acquiring biometric data of people to provide them the 12-digit UID number even before a law on UID comes into force.

The two legal notices issued to UIDAI chairman Nandan Nilekani on July 5 and July 6 also raise concerns over UID numbers invading the privacy of individuals as these are for multi-utility service use, and would force individuals to leave trails, allowing invasion of their privacy.

Mathew Thomas, general secretary, Citizens’ Action Forum, and V K Somashekhar, founder patron, Coordinated Action of Consumer and Voluntary Organisations of Karnataka (CACVOK), have separately issued legal notices to Nilekani on Tuesday and Wednesday through their respective advocates.

US Legal Workforce Act Of 2011 And E-Verification

The Legal Workforce Act of 2011 of US has been doing rounds these days. However, it has also raised many privacy and identity theft concerns as well. Privacy groups of US have been opposing the same as undesirable and a problematic law.

These privacy groups believe that storing highly sensitive information, including the biometric details, of the employee would cause many cyber security and identity theft issues.

The proposed Bill would force the employers to use the federal E-Verify system to vet new employees and to verify that new hires and current employees can legally work in the US.

All employers would be required to compare information supplied by current and prospective employees with information contained in Department of Homeland Security (DHS) and the Social Security Administration (SSA) databases. As part of the verification process, the Social Security number provided by new hires would be compared with the name on record.

The Bill also proposes a pilot biometric authentication program that would let employers fingerprint employees as part of the vetting process. The Bill calls for penalties of up to $25,000 per violation and imprisonment of at least one year for employers who refuse to use E-Verify.

In India as well the Aadhar project managed by unique identification authority of India (UIDAI) is facing similar problems. There is neither a legal framework supporting the Aadhar project of India nor Aadhar project is secure from physical thefts and cyber attacks.

Are International Cyber Security Initiatives Enough?

While going through a good article on cyber security, I was thinking is the cyber security initiatives at national and international levels enough?

The article has contended that cyber security at the international level is not upto the mark and there is an urgent need of bringing international harmonisation in this regard.

Even there is no international cyber law treaty and different countries are governed by different cyber laws. This at times creates jurisdictional problems.

Even at the national and international cyber security events no consensus has reached for formulating an international cyber security convention.

As far India is concerned, we have no cyber security policy in India and even the cyber security laws in India are missing.

I believe it is high time for India and international community to consider cyber security seriously. The sooner we adopt sound cyber security in India the better it would be for the larger interest of India.

CBI Exemption From RTI Act 2005 Challenged In Delhi High Court

Indian government exempted the central bureau of investigation (CBI), national investigation agency (NIA) of India and national intelligence grid (Natgrid) from the applicability of right to information act 2005 (RTI Act 2005).

Despite sever protests from civil liberty activists and legal experts, Indian government took this controversial step. Of course, it is against the constitution of India as per leading techno legal experts of India.

Naturally, this decision was also liable to be challenged in the constitutional courts of India. Now it has been reported that this decision of Indian government has been challenged in the Delhi High Court by petitioner Sitab Ali Chaudhary.

The Delhi High Court admitted public interest litigation and posted the hearing on it on July 6th. The petitioner claimed that hiding information sought under the RTI Act is unconstitutional.

The petitioner has contended a very limited argument as there are many more grounds available that can make the government’s decision illegal and unconstitutional. Hopefully, the same would be covered during the hearing of the PIL.

Committee Of Secretaries (COS) Considers Right to Privacy

Right to privacy is a very important law that is missing from the list of Indian laws. For decades the right to privacy has been ignored by Indian government. However, a stage has reached where many crucial projects of Indian government have become “unconstitutional” as these are violating the crucial right to privacy as declared by the Supreme Court of India.

Now Indian government is considering enacting a privacy law for India. A Right to Privacy Bill 2011 has been proposed by Indian government in this regard. However, it has not been made public by Indian government till now and this raised a question upon the commitment of Indian government in this regard.

Meanwhile media reports have claimed that the proposed privacy law may cover all individuals in India irrespective of whether they are citizens of the country or not. This means foreigners who work in India and tourists from abroad will enjoy the same privacy rights as Indian citizens. This is a good provision if finally incorporated in the proposed privacy law.

The decision was taken at a meeting of the committee of secretaries (COS) called by the cabinet secretariat a few weeks ago. The COS members said just as every person living in India had a right to life and liberty, the right to privacy should cover every individual in India.

The COS also decided to exempt journalistic publications. It also suggested a few exemptions related to protection of sensitive personal data. It proposed that insurance companies be allowed to access the health data of individuals and employers the banking and financial data of their employees. It also agreed on strong provisions to check unsolicited commercial communication. This will curb spam emails that fraudsters use to get financial information from individuals.

The COS also wanted a list of agencies that could intercept phone calls. The circumstances under which a communication can be intercepted and the authorities that can order such interception should also be detailed, according to the COS.

However, the Prime Minister’s Office has made it clear that surveillance by intelligence agencies for national security should not be hampered. The members pointed out that intelligence gathering for security purposes would be exempted. However, intelligence work should not be an excuse for non accountability and non transparency.

The COS suggested that while there should be a provision on CCTV coverage and other methods of surveillance, the right to privacy should not apply to images captured in a public place as the individual concerned is well aware that he is at such a place. The members also wanted more clarity on sharing of information among government departments.

The COS also decided to set up a council to advise the government on data privacy issues. It was also agreed that the cyber tribunal set up under the Information Technology Act 2000 should be designated as the appellate tribunal for the purpose of this Bill. A data protection authority with powers to punish offenders was also proposed.

Some of these proposals are really good whereas others require more detailed analysis and discussion. Further, there are many more issues that have not yet been covered by the proposed Bill and they also need to be incorporated in the same.

Attorney General Bats For CBI Exclusion From RTI Act 2005

Central Bureau of Investigation (CBI) is the premier investigating authority of India. It is, however, not at all an intelligence agency though it may be handling few intelligence related aspects or cases. Intelligence work was the main excuse that was given by Indian government to exempt CBI from the applicability of right to information act 2005 (RTI Act 2005).

Indian government also exempted national investigation agency of India (NIA) and national intelligence grid (Natgrid) from the applicability of RTI Act 2005. Interestingly, the constitutional validity of national investigation agency act, 2008 (NIA 2008) is still doubtful and CBI and Natgrid are not governed by any legal framework.

Attorney General of India Goolam Vahanvati has opined that the exclusion of CBI from the purview of RTI Act 2005 is justified on the ground that CBI was also involved in intelligence-gathering as well as safeguarding the country’s economic security. He, however, failed to understand that national security and fundamental rights must be reconciled and primacy of one over another without reconciliation attempts would itself violate the constitutional provisions.

Further, Natgrid, CBI and Intelligence Agencies of India are presently not “Accountable” to Parliament of India, informs Praveen Dalal, leading techno legal expert of India and CEO of Human Rights Protection Centre in Cyberspace of India. Human Rights are regularly targeted by Indian Government and its Agencies without “Constitutional Laws”. Without Parliamentary Scrutiny and Judicial Review these Agencies cannot be considered to be “Constitutional”. If these Agencies are themselves “Unconstitutional” their functioning is also “Unconstitutional”, suggests Dalal.

Vahanvati justifies the stand of Indian government by saying that while the “main purpose of intelligence gathering and assessment is prevention and occurrence of activities which would endanger the security of the country, it cannot be restricted only to gathering of intelligence prior to happening of an event but should extend to post-event intelligence gathered which falls under investigation.

While this is a sound proposition but it does not mean that intelligence work should be an excuse for non accountability and non transparency. If Indian Government wishes to make the functioning of Intelligence Agencies “secret” there must a “Mechanism” to ensure that “Parliamentary Oversight” of these agencies does exists, opines Dalal. Presently there is no Parliamentary Oversight of these Agencies, informs Dalal.

In these circumstances, the decision of Indian Government to exempt CBI and Natgrid is not based upon “National Interest” and “National Security” but upon “Extraneous Considerations” and it deserves to be set aside by our Constitutional Courts, suggests Dalal. Let us see how things develop in this regard in India.

Cyber Defence Research Centre For Ranchi Stalled

Police in India is not very much comfortable with issues pertaining to cyber law and cyber security. Even if cyber crimes cells have been opened all over India they have not proved to be successful in the absence of adequate expertise.

India has also a very poor cyber crime conviction rate. The reason behind this is the police officers, lawyers and judges themselves are clueless about cyber crime.

Even if police force of India tries to make itself tech savvy, red tape and other governmental hurdles do not allow them to do so. For instance, the cyber defence research centre (CDRC), once proposed by the state of Jharkhand, seems to be the need of the hour with the government's official website being hacked twice in the past and recent successful cloning incidents of ATM cards at fuel pumps. In spite of alarms raised in the past by cyber experts in the capital and senior police officers, the proposal for CDRC constitution is yet to receive final nod of the government. The proposal for constitution of CDRC was sent to the state government for approval in March 2010.

The CDRC would constitute one chief technological officer (CTO) and two senior advisers from IT sector besides three cyber security professionals to be appointed from among civilians. The rest of the positions would be filled up by policemen trained in cyber security.

Special Branch IG S N Pradhan said once the CDRC was in place, Jharkhand would be one among the main centres of cyber security in India. Pradhan added that the centre would not only check cyber crime in state but also conduct high end research on cyber security and carry out cyber forensic tests to extend assistance to the security professionals at national level.

Till now, Perry4Law and Perry4Law Techno Legal Base (PTLB) are managing the exclusive techno legal cyber security research, education and training centre of India (CSRTCI). Perry4Law and PTLB are also managing the exclusive techno legal cyber forensics research and training centre of India.

Despite various efforts, the law enforcement and intelligence agencies in India seem to be helpless in front of modern technological crimes like cyber crimes in India, terrorism and cyber-terrorism. India needs to tackle this problem as soon as possible.

Legal Empowerment Of Indian ICT

Legal empowerment of Indian information and communication technology (ICT) regime is still missing. We have no legal enablement of ICT systems in India in true sense.

Legal enablement of ICT presupposes adoption of a legal framework that can take care of various dealings in the cyberspace.

Cyberspace is very vast and borders less. It is very difficult to regulated cyberspace but national and international laws are required to bring some sort of discipline in the otherwise chaosed cyber world.

Cyber law of India is weak and experts have been suggesting it should be repealed. We have no data protection and privacy laws in India. Even cyber security and cyber forensics laws are missing in India.

On the policy front as well India is lagging far behind. We do not have policies regarding critical ICT infrastructure protection, cyber warfare, cyber security, etc.

India has to do a lot in order to legally empower the ICT usage in India. The sooner it is done the better it would be for India in general and Indian citizens in particular.

Jan Lokpal Bill Of India 2011

The efforts to have the Jan Lokpal Act of India 2011 are in full progress. However, till now they are at the stage of drafting a Bill for that purpose.

Even a final draft Bill has not yet been prepared. In all probability it may not be prepared till the deadline of 30th June 2011.

Meanwhile, Praveen Dalal, managing partner of New Delhi based law firm Perry4Law and leading techno legal expert of India has explained what an ideal Jan Lokpal Bill must have. He has also sent these suggestions to the government of India.

He has also introduced the element of information and communication technology (ICT) for effective applicability of the proposed law.

The present Drafts proposed by both Indian government and civil liberty activists do not cover the points suggested by Praveen Dalal.

Since he has also sent these suggestions to Indian government, they may be considered while drafting the final draft.

Till now Indian government has not shown any serious efforts to make the proposed Jan Lokpal Bill strong and effective.

The suggestions given by Praveen Dalal, if incorporated, can make the final draft strong and effective.

Google News Censorship Increased Further

Google has been censoring news results for long. While censoring of unique identification authority of India (UIDAI) related posts is a very regular feature yet censorship and filtering of news regarding international organisations like World Bank and world intellectual property organisation (WIPO) is the latest trend.

For some strange reasons the article titled WIPO patent committee discussed tech transfer and public health has been filtered twice. There is no technical error and webmaster tool of Google is also not showing any error. Even the novel excuse of Google news server 503 error is also missing.

Google has been in controversies from time to time. Whether it is illegal data gathering, censorship of Google news searches, manipulation of search results, etc, Google has been doing it all.

Further, Google has been censoring critical web posts regarding Aadhar project of India and unique identification authority of India (UIDAI) for the past two or more years. Further, it has also temporarily filtered some of our posts questioning the practice of World Bank to grant unaccountable loans to countries like India. Further, international loans and grants related posts questioning the role of World Bank and Indian government are also poorly placed in search results.

It is not clear why Google is doing so. But it would be safe to presume that Google is doing this to safeguard its own commercial interests in India even if means violating civil liberties of Indians. The draconian cyber law of India has finally started showing its true nature. Let us see what is waiting for us in future.

Cyber Command And Control Authority Of India

Cyber security is an issue that has always been ignored by India. As a result, cyber security of India is in a poor condition. Cyber security is not mere formulation of policies but their actual implementation. At this level of implementation, Indian government fails miserably as it lacks the techno legal skill necessary to implement cyber security policies.

India needs skilled techno legal professionals who can implement the cyber security policy of India. As a matter of fact, till now we have no cyber security policy in India and we need to formulate a good one as soon as possible.

India must formulate effective Preventive and Offensive Cyber Capabilities to safeguard its Cyberspace and Critical Infrastructure, suggests Praveen Dalal, managing partner of New Delhi based techno legal firm Perry4Law and leading techno legal expert of India. India must develop Cyber Warfare Capabilities as soon as possible, suggests Dalal.

There is no doubt that Indian national security must have information warfare as an essential component. Taking clue from various suggestions of techno legal experts of India, the Manmohan Singh government is in the process of establishing a cyber command and control authority for India. This would be a centralised mechanism that would be placed under the National Security Adviser who reports to the PM.

This is a good step in the right direction, says Dalal. This was a much needed initiative that has, at last, got the attention of Indian Government. The only thing that remains to be seen is how effectively this initiative would be handled by Indian Government, says Dalal. Let us see how the National Security Adviser would proceed with this initiative.

Does World Bank Ensures Accountability To Its Loans?

I wrote a critical article titled “Does World Bank Sees What Happens To Its Loans?. For some strange reasons, this article of mine was censored by Google. Of late Google has been censoring views and opinions that are critical to Indian government. For instance, articles on Aadhar project and UIDAI are frequently censored by Google. Thanks to the draconian cyber law of India, this is now possible without following any due process in India. I am reposting this article so that Google can censor it one more time and I can repost it once again.

Loans are granted by international organisations and institutions for the development of a nation. But it is a rare occasion when such loans are actually utilised for the development of such nation. On the contrary, such loans just ensure the personal development of ministers and bureaucrats and common man never receives the benefits of such loans or grants.

Recently the World Bank and Indian government signed a loan agreement of $150 million for the e-delivery of public services in India. The loan has been granted as the e-delivery of public services development policy loan to be utilised under the national e-governance plan of India (NEGP). However, the bigger question is would this loan be utilised for the benefit of common man?

Keeping in mind the past record, the answer seems to be in negative. India has a poor track record of e-governance utilisation and providing of electronic delivery of services in India. We have no legal enablement of ICT systems in India and legal framework for e-delivery of services in India is also missing. In fact, as per e-governance experts of India, e-governance in India is dying. Without a mandatory e-governance services in India, e-delivery of services in India cannot be achieved.

According to Praveen Dalal, managing partner of New Delhi based law firm Perry4Law and leading techno legal expert of India, “The Government and Indian Bureaucrats need to change their mindset and stress more upon outcomes and services rather than mere ICT procurement. India needs a services-based approach that is not only transparent but also backed by a more efficient and willing Government. Presently the Bureaucrats and Government of India are in a “resistance mode” towards novel and effective e-governance policies and strategies and they are merely computerising traditional official functions only. This is benefiting neither the Government nor the citizens and is resulting in wastage of thousands of crores of public money and United Nations Development Programme (UNDP) and World Bank Grants amount”.

“The Governmental will and leadership is missing in India. To worsen the situation the Government of India is concentrating more upon the image rather than upon the end results. The grassroots level action is missing and the benefits of ICT are not reaching to the under privileged and deserving masses due to defective ICT strategies and policies of Indian Government. India is suffering from the “vicious circle” of defective e-governance, as the basic input .i.e. governance itself is poor. India needs a “virtuous circle” of e-governance through good governance that would have multiplication and amplification effect upon e-governance efforts of Indian Government, says Praveen Dalal.

E-delivery of public services in India is missing and World Bank is not at all interested in establishing transparency and accountability in Indian NEGP. World Bank must ensure accountability of Indian NEGP in order to show that its loans are actually meant for growth and development of Indian masses rather than benefiting few politicians and bureaucrats as is happening right now.

The loans granted by World Bank must be tied up and accountable loans. These loans must be tied up with performance and achievement and must be released in stages only. Once the first stage is accomplished satisfactorily then only the next stage loan must be given.

However, neither World Bank nor Indian government is in a mood to actually utilise the granted loans for the betterment of Indian masses. Why and for whom these loans are granted would always remain a big question.

Intellectual Property Rights Services In India

Intellectual property rights in India (IPRs in India) need no introduction. These include areas like copyright, trademarks, patents, geographical indications, semiconductor protection, domain name protection, etc. Even IPRs services of India are world renowned. We have professionals and firms that are world renowned for providing world class IPRs services in India.

However, today’s IPR environment has become techno legal in nature. IP Professionals of India must be well versed with both technical and legal aspects of IPRs. Technological issues of IPRs in India are difficult to understand and apply. Cyber crimes are affecting IPRs like trade secrets and data protection severely. Techno legal IPR skill development in India is the need of the hour.

Similarly, legal process outsourcing in India (LPO in India) and knowledge process outsourcing in India (KPO in India) pertaining to IPRs is also required to be tuned up. LPO and KPO is no more a simple clerical work. They now require expertise that very few firms can provide.

Perry4Law and Perry4Law Techno Legal Base (PTLB) specialise in Techno Legal IPR Services. Further, PTLB is also managing the exclusive techno legal IPR LPO and KPO of India. PTLB is also providing exclusive techno legal ICT and IPR skill development in India.

While the IPR field is thriving upon innovation yet IPRs service providers are themselves have to be more innovative to cater the service requirements of these IP owners. PTLB manages one such resource that provides innovative IPR LPO, KPO and techno legal services to clients worldwide.

If you are interested in the techno legal intellectual property rights services in India and abroad, keep a close watch upon the IP Blog of PTLB. The Blog is covering areas like copyright, trademarks, patents, traditional knowledge, semiconductor industry, geographical indications, etc.

Further, if you are interested in great IPR LPO and KPO services in India and world wide, Perry4Law and PTLB are the number one choice. In short, Perry4Law and PTLB provide world class intellectual property rights services in India.

Self Defence And Deterrence In Indian Cyberspace

Self defence in cyberspace may be exercised either against private individuals or against government and its agencies. In both cases, a well established self defence infrastructure must be established at the governmental and individual levels. India urgently needs a proactive self defence mechanism in cyberspace to effectively tackle private and governmental cyber intrusions.

Any government agency of India can tap your phone or engages in e-surveillance of your e-mails and other electronic communication without a constitutionally sound law. We have no constitutionally sound lawful interception law in India and phone tapping and e-surveillance in India are done in an illegal and unconstitutional manner.

India is the only country of the World where Phone Tapping and Interceptions are done without a Court Warrant and by Executive Branch of the Constitution of India, informs Praveen Dalal, managing partner of New Delhi based exclusive ICT law firm Perry4Law and leading techno legal expert of India. Phone Tapping in India is “Unconstitutional” and the Parliament of India has not thought it fit to enact a “Constitutionally Sound Law” for Phone Tappings and Lawful Interceptions. Even the Supreme Court’s directions in PUCL case have proved futile and presently the Court is dealing with the issue once more, informs Dalal.

Of all e-surveillance project, nothing is worst than the Aadhar project of India and its implementing unique identification authority of India (UIDAI) headed by Nandan Nilekani. Irrespective of what Nandan Nilekani and Indian government says, Aadhar project and UIDAI are serving a very vicious, evil and nefarious objective of e-surveillance without procedural safeguards. Surprisingly, even Google is censoring results pertaining to Aadhar project and UIDAI and is messing up with search placement results.

India has an exclusive Techno Legal Centre for Protection of Human Rights In Indian Cyberspace (HRPIC). Indian Government must maintain a “Delicate Balance” between National Security requirements and Protection of Fundamental Rights, suggests Dalal.

However, expecting this type of fair and honest behaviour from Indian government and its agencies would itself be unfair. Indian government is least bothered to protect human rights in cyberspace of Indian netizens. Even United Nations (UN) has failed to take notice of this serious situation.

The exercise of self defence against Indian government and its agencies seems to be the only option especially when the Parliament of India has abdicated its role of law making and parliamentary oversight.

Technology Arbitration In India

Both technology related and technology assisted arbitrations in India are rare. Cyber arbitration in India and cyber arbitration and mediation centers in India is difficult to find in India. In fact, we have a single techno legal technology arbitration and mediation centre in India.

Recently World Intellectual Property Organisation (WIPO) has revealed in a statement that cyber squatting has increased significantly. Now the problem in India is that we have no domain name protection law hence securing domain name protection in India is a very tedious job. Further, there are very few individuals and institutions that provide domain name dispute resolution services in India or technology related dispute resolution services in India.

Perry4Law Techno Legal Base (PTLB) is the premier techno legal segment of exclusive techno legal ICT law firm of India Perry4Law. It is providing techno legal online dispute resolution services. Further, it is also managing the exclusive e-courts training and consultancy center of India.

We have to invest in adequate skill developments in India regarding ODR and e-courts as most of the technology related disputes would be solved through theses mediums only in the future.

Electronic Banking In India

This is the updated version of my previous article on same topic. Electronic banking in India or e-banking in India is increasingly being used by both banks and customers alike. This brings mobility and convenience to both banks and customers. However, with the benefits there are drawbacks of e-banking as well. This article addresses some of these concerns.

Reserve Bank of India (RBI) has come across many complaints and disputes regarding fraudulent credit card, online banking and ATM transactions. Even phishing incidences have sharply arisen in India resulting in loss of money of public at large. RBI ombudsmen office has been flooded with such complaints.

In these circumstances, online banking in India is risky. We have no e-banking laws in India and this also makes the mobile banking in India risky. Even RBI has acknowledged risks of e-banking in India.

E-banking in India cannot succeed till a strong legal framework in this is enacted. According to Praveen Dalal, managing partner of New Delhi based law firm Perry4Law and leading techno legal expert of India, we have no dedicated E-Banking Law in India. Although, RBI has issued many guidelines in this regard and even our Information Technology Act, 2000 contains some indirect and implied provisions for Internet or E-Banking yet we need a separate and dedicated law in this regard, opines Praveen Dalal.

Recently, G Gopalakrishna, the executive director of RBI, said that all Banks would have to create a position of Chief Information Officers (CIOs) as well as Steering Committees on Information Security at the Board Level at the earliest, informs Dalal. This step was taken to ensure proper Cyber Security Policies and Strategies at the highest Board Level of Banks, says Dalal.

Although RBI has mandated cyber due diligence for banks in India especially the due diligence for banks under IT Act 2000 yet banks have still to keep their functions in order. Indian banks are poor at cyber security and they are in no mood to appoint CIOs and steering committee.

Recently the final report of working group of RBI on Information Security, Electronic Banking, Technology Risk Management and Cyber Frauds has been released. It has prescribed the time limits for implementation of RBI recommendations on information security. With the deterrent approach of RBI towards non compliance, it would be safe to presume that CIOs, steering committee and cyber security related compliances would also be taken seriously by RBI.

It is high time for banks operating in India to keep their e-banking infrastructure technologically and legally sound. The best option for banks seems to be to adopt Techno Legal Measures that covers both Technical and Legal aspects of Banking, suggests Dalal.

Implementation Of RBI Recommendation On Information Security

The forming of Working Group on Information Security, Electronic Banking, Technology Risk Management and Cyber Frauds by Reserve Bank of India (RBI) was a landmark step taken by RBI. Equally impressive was the imposition of penalty upon 19 commercial banks by RBI for non compliance of prescribed standards.

This shows that RBI is not tolerating the causal and non compliance attitude of commercial banks in India. It would be even better if RBI is equally concerned about non compliance of the recommendations regarding adoption of information security related policy and infrastructure.

For instance, the report of working group has recommended that all banks would have to create a position of chief information officers (CIOs) as well as steering committees on information security at the board level at the earliest. Till now these recommendations have not been complied with. Further, Indian banks are also poor at formulating and implementing cyber security policies.

Now the RBI has issued a notification for the implementation of the recommendations of its working group. The group examined various issues arising out of the use of information and communication technology (ICT) in banks and made its recommendations in nine broad areas. These areas are IT Governance, Information Security, IS Audit, IT Operations, IT Services Outsourcing, Cyber Fraud, Business Continuity Planning, Customer Awareness programmes and Legal aspects.

The report was placed on the RBI website on January 21, 2011. Subsequently, on February 1, 2011, views/comments of all stake-holders and the public at large on the Report were invited. After taking into account various responses, final guidelines in the respective areas as mentioned above are now being issued to banks for implementation.

The guidelines are not “one-size-fits-all” and the implementation of these recommendations need to be risk based and commensurate with the nature and scope of activities engaged by banks and the technology environment prevalent in the bank and the support rendered by technology to the business processes. Banks with extensive leverage of technology to support business processes would be expected to implement all the stipulations outlined in the circular. For example, banks which do not offer transactional facilities in internet banking would not be required to implement specific measures for transactional internet banking facility outlined in the guidelines. Further, various instructions in “IT operations” chapter like detailed configuration management practices may not be necessary for banks that do not develop or maintain critical applications internally, though such practices may be expected from the external vendor providing such services.

The group had endeavored to generate self-contained and comprehensive guidelines. This has resulted in reiteration of certain guidelines already prescribed by RBI, for example, in certain areas relating to information security, outsourcing, BCP and IS Audit. However, there are certain guidelines like the checklist for computer audit prescribed in the year 2002 which on the whole cannot be ignored since the nature of coverage is different. In the event of a direct conflict with an earlier guideline, the new guideline would be the basis for implementation by banks. Else, the relevant guidelines prescribed earlier would be an adjunct to the present guidelines issued herewith. It would be the endeavor of RBI to develop the enclosed guidelines as a Master Circular incorporating relevant old and new circulars on related subject areas in due course. In the event of any further clarifications in the matter, banks may approach RBI for further guidance.

The Group’s report was largely technology neutral except in exceptional circumstances where a specific technology/methodology may be suggested due to legal reasons or for enhanced security or for illustrative purpose. It is clarified that except where legally required, banks may consider any other equivalent/better and robust technology/methodology based on new developments after carrying out a diligent evaluation exercise.

Banks may have already implemented or implementing some or many of the requirements indicated in the circular. In order to provide focused project oriented approach towards implementation of guidelines, banks would be required to conduct a formal gap analysis between their current status and stipulations as laid out in the circular and put in place a time-bound action plan to address the gap and comply with the guidelines. However, banks need to ensure implementation of basic organizational framework and put in place policies and procedures which do not require extensive budgetary support, infrastructural or technology changes, by October 31, 2011. The rest of the guidelines need to be implemented within period of one year unless a longer time-frame is indicated in the circular. There are also a few provisions which are recommendatory in nature, implementations of which are left to the discretion of banks.

Given the fact the guidelines are fundamentally expected to enhance safety, security, efficiency in banking processes leading to benefits for banks and their customers, the progress in implementation of recommendations may be monitored by the top management on an ongoing basis and a review of the implementation status may be put up to the Board at quarterly intervals. Banks may also incorporate in their Annual Report from 2011-12 onwards broadly the measures taken in respect of various subject areas indicated in these guidelines.

The measures suggested for implementation cannot be static. Banks need to pro-actively create/fine-tune/modify their policies, procedures and technologies based on new developments and emerging concerns. Reserve Bank of India would review the progress in implementation of the guidelines in its Quarterly Discussions with banks and would examine comprehensively the efficacy of implementation of the guidelines commensurate with nature and scope of operations of individual banks from the next AFI cycle (for the period 2011-12) onwards.

Cyber Forensics Course In India

Cyber forensics in India is still not in much use. This is primarily because neither the legal frameworks of India have adopted cyber forensics nor the legal and judicial fraternities are well aware of the technicalities of the same. The scientific knowledge that is essential for legal and judicial fraternity is presently missing in India.

On the front of research, education and training as well, India has very few cyber forensics training centers. For instance, India has an exclusive techno legal cyber forensics research, training and education centre managed by Perry4Law.

Perry4Law Techno Legal Base (PTLB), the leading techno legal segment of Perry4Law, provided exclusive techno legal online cyber forensics course in India. This course is one of the techno legal courses that are provided by PTLB. The other courses include cyber law, cyber security, digital evidencing, e-courts, online dispute resolution (ODR), Indian legal services courses, Indian regulatory services courses, etc.

The courses are meant for police officers, lawyers, judges, corporate executives, computer professionals, law graduates, etc. From the stage of investigation to final adjudication by a court, cyber forensics must be used in proper manner. However, cyber forensics in India is not used at all in the absence of adequate training and education.

The cyber forensics courses provided by PTLB can go a long way in strengthening the investigative, legal and judicial system of India. In fact, Perry4Law and PTLB are in the process of circulating the first and exclusive techno legal cyber crime investigation manual of India for selective law enforcement agencies and intelligence agencies of India. This manual is the best cyber crime investigation manual of India so far. It would strengthen the cyber crime investigation capabilities of Indian police and other agencies.

The practices and methods of cyber crime investigation and cyber forensics incorporated in the manual would also be taught to the individuals who have enrolled for the cyber forensics course of PTLB. Further, a special emphasis is given to techno legal skill development so that professional graduates are found more suitable by big companies and industrial houses. So hurry and be a techno legal professional this year and join the cyber forensics course of PTLB.

Draft Right To Privacy Bill 2011 Of India

The right to privacy bill 2011 of India may be the first attempt to regulate privacy related issues. However, as per media reports it seems to be more like a data protection initiative rather than a privacy safeguarding law.

India has created a problem for itself by neglecting the privacy protection requirements for long. India has been launching projects without any legal framework and procedural safeguards. For instance, we have projects like central monitoring system (CMS), national intelligence grid (Natgrid), Aadhar, crime and criminal tracking network and systems (CCTNS), etc that are not governed by any legal framework and procedural safeguards. Even we do not have any lawful interception law in India that can be claimed to be constitutionally sound.

According to Praveen Dalal, managing partner of New Delhi base law firm Perry4Law and leading techno legal expert of India, India is the only country of the World where Phone Tapping and Interceptions are done without a Court Warrant and by Executive Branch of the Constitution of India. Phone Tapping in India is “Unconstitutional” and the Parliament of India has not thought it fit to enact a “Constitutionally Sound Law” for Phone Tappings and Lawful Interceptions. Even the Supreme Court’s directions in PUCL case have proved futile and presently the Court is dealing with the issue once more, informs Dalal.

What is more surprising is the fact that the law enforcement agencies and the intelligence agencies that indulge in unconstitutional e-surveillance and phone tapping are themselves governed by no law. It is no surprise that the central bureau of India (CBI) is also not governed by any law and it is operating in India without any law. It is only now that the central bureau of investigation act 2010 was drafted. Till now it is a mere draft and has not become an enforceable law. Even the constitutional validity of the national investigation agency act 2008 is doubtful. Even the draft Intelligence Services (Powers and Regulations) Bill, 2011 has been recently circulated in the Parliament of India.

If the proposed privacy bill sees the light of the day, a data protection authority of India may be constituted. This authority must be constituted through an Indian regulatory services examination so that it can perform the challenging tasks that it would be entrusted with. For the time being, let us wait for the final draft of privacy bill available for public discussion.