Is ICICI Online Banking System Cyber Secure?

Online banking transactions in India and electronic banking in India are in a real mess. Thanks to the defunct cyber law of India, inadequate cyber security mechanisms like encryption usages for banks, ignoring the cyber security due diligence requirements prescribed by Reserve Bank of India (RBI) and many more such issues.

Naturally, online banking risks in India have increased tremendously. We have no dedicated Internet or e-banking laws in India. Further, online banking systems in India are not cyber secure. Even mobile banking in India is risky.

This position is obvious if we analyse the present trends occurring in India. For example Citigroup had recently confirmed cyber attack upon bank’s network. It is also well known that a timely and appropriate cyber due diligence could have prevented such attacks and various cyber frauds that are growing in the banking sector of India.

Now it has been reported that a proof-of-concept virus has been developed by a security professional to attack the ICICI Online banking using the Man-in-Middle / Man-in-Browser attack method. It shows what an attack can do to an online banking customer who uses ICICI online banking facility and how it can result in financial loss.

Naturally, cyber security of banks in India is not in order at all. Cyber Security Policy for Banks in India is an issue that is very important for Banks of India, says Praveen Dalal, managing partner of New Delhi base ICT law firm Perry4Law and leading cyber law expert of India. With the growing use of Internet Banking, ATM machines, Credit and Debit Cards, Online Banking, etc, Banks of India must also upgrade their Cyber Security Infrastructure and establish a Cyber Security Policy, suggests Dalal.

An integrated modern banking law for India is in pipeline and it would be a good idea to make it techno legal in nature so that it can address cyber crimes and cyber security in a more effective manner. Corporate and banking laws in India are in the process of being streamlined. RBI has even issues a notification prescribing enhanced due diligence measures for high risks customers in India. RBI is planning to boost ATM security in India. On similar lines, RBI must curb online banking crimes and frauds in India.

Banks in India need to adopt techno legal measures to prevent ATM and other similar financial frauds and cyber crimes. Further, cyber due diligence trainings for bank employees can also be beneficial in this regard. Banks must also appoint steering committees and CIOs as soon as possible.

Cyber Law Firms In India

Cyber law of India is a very young legal framework. The information technology act, 2000 (IT Act 2000) brought the cyber law of India in existence. With the passage of time, many amendments were also introduced in the cyber law of India. However, cyber law being a dynamic and updating law requires continuous upgradations and improvements.

Being a new field, there are very few lawyers and law firms that are dealing with cyber law litigation, consultancy and corporate advisory services. Further, there are only handfuls of experts that are providing cyber law due diligence services in Delhi, India.

However, a few law firms in New Delhi, India are really good in cyber law field. In fact, these law firms are giving cyber law a new shape in India. However, there is a single techno legal cyber law firms in New Delhi, India and world wide that manages both technical as well as legal aspects at the same time.

Perry4Law is the exclusive techno legal ICT and IP law firm in New Delhi, India and world wide that has acquired international reputation in the fields like cyber law, cyber security, cyber forensics, etc. Perry4Law Techno Legal Base (PTLB) supplements the techno legal expertise of Perry4Law.

One area that has recently interested the legal community pertains to cyber security. Although cyber security as a legal field has started gaining attention of foreign lawyers and law firms yet cyber security law firms in India or cyber security lawyers in India are still missing.

Perry4Law is also the exclusive cyber security law firm in New Delhi, India.As more and more people are using information and communication technology (ICT), cyber contraventions and cyber crimes are increasing in India at an alarming speed. Lawyers and legal firms in India need to upgrade their cyber skills. Similarly, cyber crimes investigation training India is also required in India for various stakeholders.

E-Commerce Lawyers And Law Firms in India

Electronic commerce (e-commerce) in India is witnessing a rapid growth. As more and more business entities and entrepreneurs are becoming aware of the benefits of online presence and brand promotion and protection in India, e-commerce has become a popular method of doing business. Even domain name protection in India has assumed significance due to this reason.

We have no dedicated e-commerce laws in India. However, the information technology act 2000 (IT Act 2000), which is the sole cyber law of India, is regulating the e-commerce business and transactions in India. Internet intermediaries liability in India under the IT Act 2000 is very stringent.

For instance, the e-commerce players can be held liable for online infringement of copyright in India of the copyright owners. Cyber law due diligence in India is one aspect that all e-commerce site owners must frequently engage in. The present laws of India are stringent in nature and subsequently claiming ignorance of such laws would not make much difference.

Further, e-commerce regulatory requirements are techno legal in nature that very few can understand. For instance, Perry4Law is the exclusive techno legal ICT and IP law firm of India and world wide. Among other areas, techno legal services pertaining to e-commerce litigation, consultancy, corporate advisory, contract drafting, etc are by Perry4Law.

Presently, very few lawyers in India familiar with technological aspects in general and e-commerce laws in particular. Lawyers in India need to upgrade their skills and knowledge in the upcoming fields like cyber law, e-commerce, etc.

For e-commerce entrepreneurs and business houses, Perry4Law and Perry4Law Techno Legal Base (PTLB) strongly recommend that before opening an e-commerce site or business, the owner of the same must consult a good techno legal law firm that can advice him upon all the possible and applicable aspect of e-commerce laws in India.

A failure to do proper cyber due diligence before opening an e-commerce portal in India may be counter productive and attract fines, penalties and criminal sanctions. It is better if a proper legal due diligence has been done in this regard before opening the e-commerce business in India.

Reverse Migration Of Workforce To India Is Anticipated

There was a time when brain drain from India was happening at a great pace. This was because the employment opportunities and living conditions of other nations, especially developed nations, was incentive enough to migrate to such countries.

With the economic growth of India and better working conditions available at India, workforce is considering returning back to India. Further, areas like business process outsourcing (BPO), legal process outsourcing (LPO) and knowledge process outsourcing (LPO), etc are already dominated by India.

Legal process outsourcing in India (LPO in India) and knowledge process outsourcing in India (KPO in India) are now attracting not only foreign employers but also foreign employees. Even Indians working abroad are considering returning back to India. LPO and KPO in India have matured into big commercial industry in India and LPO and KPO companies and firms in India are world renowned.

According to various reports Indian workforce working abroad would return back within few years. Industries like cement, automobiles, oil and gas, alternate energy and construction are the main industries attracting reverse migrants.

Qualitative education was also one of the reasons why many professional migrated abroad. Establishment of virtual campuses in India would ease up this educational migration. For instance, Perry4Law Techno Legal Base (PTLB) is managing the exclusive techno legal e-learning portal of India and world wide. It provides many qualitative and highly specialised courses that would remain a dream through traditional Indian educational institutions.

This is a good trend for India. However, India needs to take care of many issues. Skills development in India is one such area. Technical education and skills development in India requires special attention. Higher research and education also needs to be strengthened in India. PhDs in India are dying and corruption is undermining the higher education in India. Even the higher legal education in India needs urgent reforms.

Similarly, Indian LPO and KPO industry must be innovative and competitive to deal with various competing destinations. This is more so regarding the knowledge process outsourcing services in India. For example, the e-discovery outsourcing, LPO and KPO services in India are still in infancy stage despite tremendous potential for the same. LPO and KPO in India need to adapt to technology so that techno legal assignments can be managed.

India must gear up to encash this reverse migration trend. Various techno legal initiatives and policy decisions must be made in this regard so that this migration can be as smooth as possible.

Internet Censorship In India

This article has raised very pertinent points regarding internet censorship in India. Internet censorship in India should not be a norm in a democratic country like India. Better solutions exist to address this crucial issue. Censorship of internet in India by bypassing the constitutional mandates amount to anarchy that should not be the norm in India.

Internet in India is under potential threat of censorship and e-surveillance. Internet censorship in India has increased a lot. Similarly, e-surveillance in India has also increased to intolerable limits.

India has a draconian but cyber criminals’ friendly cyber law in the form of information technology act, 2000 (IT Act 2000). It was amended in 2008 to confer unregulated e-surveillance, Internet censorship and website blocking powers to Indian government and its agencies. The present cyber law of India is an unconstitutional one in the absence of procedural safeguards that can prevent these abusive draconian powers under the IT Act 2000. It requires an urgent repeal.

On top of it we have the proposed central monitoring system (CMS) project of India that has been proposed without any parliamentary oversight. Further, stress upon Internet kill switch is also given by India without realising that Internet kill switch is not a solution to cyber threats. Anti Internet kill switch measures are needed to prevent Indian government from taking recourse of any such unconstitutional and draconian action.

Website blocking and Internet censorship should be resisted as far as possible in India. This fight should be techno legal in nature where both technical and legal measures must be adopted to thwart surveillance and censorship activities of Indian government and its agencies. Proactive self defence in cyberspace is needed not only against alien enemies but also against our own Orwellian government.

Self defence in cyberspace is a concept whose time has come at both national and international level. At the national level of India self defence is required not only against cyber criminals but also against our own over zealous and e-surveillance oriented Indian government. Suggestions have been given in the past that United Nations (UN) must protect human rights in cyberspace as well. However, UN is not serious about protecting human rights in cyberspace.

At the national level, Indian government acquired itself unregulated, illegal and unconstitutional e-surveillance, Internet censorship and website blocking powers with no procedural safeguards. The information technology act, 2000 (IT Act 2000) was amended through the information technology amendment act 2008 (IT Act 2008) and this amendment gave unconstitutional and illegal powers to Indian government and its agencies. With the notification of the IT Act, 2008, the journey from welfare state to a police state was completed for India.

Instances of website blocking in India and Internet censorship in India have increased a lot. What is more worrisome is the fact that e-surveillance and Internet censorship in India have increased without any lawful interception law in India. Lawful interception law in India is missing and phone tapping in India is done in an unconstitutional manner.

Of all e-surveillance project, nothing is worst than the Aadhar project of India and its implementing unique identification authority of India (UIDAI) headed by Nandan Nilekani. Irrespective of what Nandan Nilekani and Indian government says, Aadhar project and UIDAI are serving a very vicious, evil and nefarious objective of e-surveillance without procedural safeguards. Surprisingly, even Google is censoring results pertaining to Aadhar project and UIDAI and is messing up with search placement results.

Now Internet intermediaries in India have been asked to pre screen contents before they are posted on their platforms by the account holders. India wants companies like Google and Facebook to censor users’ contents. In fact, Goggle web censorship has greatly increased in the past. Perhaps somebody at Google was already doing the pre screening of some web contents in India, with or without knowledge of Google.

Google has been in controversies from time to time. Whether it is illegal data gathering, censorship of Google news searches, manipulation of search results, etc, Google has been doing it all. In fact, it seems Google was actively helping Indian government and its agencies for messing up with Aadhar project, UIDAI, World Bank or any other similar post that questions the wrong practices of Indian government. During that period Google continued its censorship drive in India and many posts failed to appear in news, blogs and search segments.

What Internet intermediaries are facing now is a direct result of their succumbing to Indian government pressure and unconstitutional laws like IT Act 2008. They should have challenged the constitutional validity of IT Act 2008 that is the root cause of all these troubles. Fortunately Yahoo took Indian government to court over e-surveillance and more such litigations are expected in the near future. Let us see how cyber law of India would develop in this regard.

Source: PTLB Blog

LPO And KPO Companies And Firms In India

Legal process outsourcing in India (LPO in India) and knowledge process outsourcing in India (KPO in India) are two terms that do not require any introduction. India having an English fluent educated workforce is one of the favourite destinations for LPO and KPO related services.

However, other countries are now giving a tough fight to India in LPO and KPO services and Indian LPO and KPO industry must be innovative and competitive to deal with these competing destinations. LPO and KPO in India are still by and large covering the traditional outsourcing requirements with few exceptions. This is more so regarding the knowledge process outsourcing services in India.

Take the example of e-discovery LPO and KPO in India. The e-discovery outsourcing, LPO and KPO services in India are still in infancy stage despite tremendous potential for the same. This is because a dominant majority of LPO and KPO service providers in India and not sound in a techno legal manner. LPO and KPO in India need to adapt to technology so that techno legal assignments can be managed.

Perry4Law, the exclusive techno legal ICT and IP law firm of the world, is providing the best techno legal LPO and KPO services in India and world wide. Its techno legal segments like Perry4Law Techno Legal Base (PTLB) and Perry4Law Techno Legal ICT Training Centre (PTLITC) are world renowned.

PTLB is also providing the exclusive citizen to government (C2G) LPO and KPO services in India and it is also the sole citizen to government LPO and KPO services provider in India. PTLB has set an example how firms and LPO and KPO services providers must adapt according to technology to provide cutting edge and world class LPO and KPO services.

The future belongs to techno legal LPO and KPO service providers and Perry4Law, PTLB and PTLITC have clearly got a leverage, advantage and expertise over other LPO and KPO service providers of India and abroad.

Guidelines For Social Media Contents Monitoring In India

Social networking is an area whose time has come. People across the globe are part of social media and networking platforms. This also applies to India. However, dedicated social networking laws in India and social media laws in India are missing despite much requirement.

Even we have no social media policy of India that governs the use of social media in India. The growing demands for cyber due diligence in India has further necessitated for adopting of a sound social networking policy in India by various stakeholders.

For the first time, a social media framework and guidelines for Indian government organisations has been suggested. However, keeping in mind the past record of Indian government, this may be another proposal that would not be fulfilled.

Cyber law of India has imposed certain restrictions and liabilities upon social networking websites. For instance, social networking sites are liable if they fail to exercise cyber due diligence in India. Similarly, social media is also liable for online IPRs violations, including online copyright violations in India.

Recently Internet intermediaries of India were agitated when they were asked to pre screen users’ contents before posting at their websites. Companies like Google and Facebook were asked to take appropriate steps in this regard. However, lack of adequate Internet intermediary laws in India has proved to be a big hurdle in regulating online contents in India. Google has openly showed its dissatisfaction in this regard to Indian government.

Now Indian government is planning to formulate guidelines for monitoring content on social media platforms and removal of objectionable content from websites. Let us hope the same would be drafted after analysing various merits and demerits of this proposal.

Cyber Attacks And Political Pressures Upon Cyber Dissidents Worries European Council

Human rights protection in cyberspace is an important aspect of civil liberties protection these days. However, despite the significance of this issue, both national and international governments ate shying away from protecting human rights in cyberspace. On the other hand they are actively engaging in e-surveillance, Internet censorship, etc that violates various civil liberties in cyberspace. Throughout the world technology has been increasingly used to violate human rights in cyberspace.

In India various individuals and companies have already sued Indian government for violating their civil liberties in real world as well as cyber world. A writ petition for protection of privacy rights in India is already pending before the Supreme Court of India. The way Indian executive is playing with the Constitution of India, the day is not far when there would be a complete “constitutional failure” in India.

Similarly, Yahoo has already taken Indian government to court over illegal demands of e-surveillance by union home ministry of India. In its petition, Yahoo has emphasised upon the right to privacy of a company that stores such sensitive data and questioned as to what extent authorities can coerce it to part with the information considered necessary to either track terror perpetrators or thwart future attacks.

India has demanded companies like Google and Facebook to censor user contents. Indian government has asked the Internet intermediaries like Google, Yahoo, Microsoft, Facebook, etc to pre screen offensive contents before they are posted. This has happened because there are no well defined Internet intermediary laws in India deals with cyber due diligence requirements of these companies in India. Google has already communicated its dissatisfaction with the Internet intermediary law of India.

Further, censorship of Internet in India and blocking of websites in India is very common even without any constitutional and civil liberty safeguards. Further, Indian government is now openly acknowledging surveillance of Internet traffic in India. In fact, measures to fight websites blocking and Internet censorship have also been suggested by few.

In these circumstances, protecting human rights in cyberspace is not an easy task and most of the nations are not willing to do so for their own e-surveillance reasons. Although UN has declared that access to Internet is a human right yet all countries are openly violating this right. Efforts of United Nations to protect human rights in cyberspace are still half hearted and slow. UN must protect human rights in cyberspace in widest possible manner.

Lack of privacy laws and procedural safeguards have already stalled the national intelligence grid (Natgrid) project of India. Intelligence work is no excuse for non accountability that is commonly available to Indian intelligence and security agencies of India.

Similarly, absence of data privacy laws in India has created a big trouble for the Aadhar project of India. Chances are very great that Aadhar project of India may be scrapped and it must be scrapped in its present form and structure.

In these troubled situations, the council of Europe is taking many pro active steps to strengthen human rights protection in cyberspace. The Council of Europe has recently released a resolution titled “Abuse of State Secrecy and National Security: Obstacles to Parliamentary and Judicial Scrutiny of Human Rights Violations”. This is a significant step to reduce the blanket use of national security façade to violate civil liberties.

Now Council of Europe has issued an alert to European countries about the risk to free speech by cyber attacks and political pressure on internet platforms, internet service providers (ISPs), independent media, whistleblowers, human rights defenders and political dissidents.

The Council's Committee of Ministers issued a Declaration expressing concern over pressure being exerted on internet companies and ISPs to tighten controls on internet content, which supports a recent EU Court of Justice ruling that ISP filters are prohibited under European law.

The Council is also worried about the impact of cyber attacks, particularly Distributed Denial of Service (DDoS) attacks, on advocates of free speech, which it sees as a relatively new way that this right is being violated.

The Council alerted member states about their potential violation of Articles 10 and 11 of the European Convention on Human Rights if they exert pressure on ISPs and internet platforms, or participate in cyber attacks against whistleblowers and other new media.

Let us hope that other nations, including India, would take clue from these developments happening in Europe and consider changing their laws and attitudes accordingly.

Police In India Is Not Comfortable With Cyber Crimes

Cyber crimes in India are increasing at a rapid rate. However, the cyber law of India is not strong enough to deter these cyber crimes and common man has to suffer the results of this weak cyber law of India.

Further, the law enforcement agencies of India are not well trained to deal with cyber crimes. If a person whishes to lodge a first information report (FIR) with the police for a cyber crime, he is discouraged by police in every possible manner.

If you seek an explanation from the police officers for this behaviour they would candidly tell you that they lack the necessary expertise to deal with cyber crimes. If police force is not at all aware of cyber law there is no chance that it can solve many sophisticated cyber crimes.

Cyber crimes investigation in India is not satisfactory at all. Police forces lack cyber crimes investigation capabilities in India. Cyber skills development in India for police forces is need of the hour. Even the cyber crimes cells of India are not effective in successfully investigating and solving various cyber crimes.

The position has become so worst that now complainants of cyber crimes have to knock at the doors of high courts to get proper relief. Recently a Criminal Miscellaneous Writ Petition has been filed in Lucknow Bench of Allahabad High Court for transferring a cyber criminal cases against Facebook to Special Task Force (STF) or some other specialised agency of UP Police.

The petitioner a social activist Nutan Thakur approached the court after the local police failed to take any action in FIRs filed by her against Facebook over alleged use of criminally abusive language. The local police reported that they have no expertise in computers so they cannot proceed ahead.

Blaming the police force of India for this lack of expertise is not good. It is the duty of Indian government to suitably train the police force of India. Modernisation of police force of India is urgently required. Police force must be provided cyber crimes investigation courses and trainings in India.

Perry4Law Techno Legal Base (PTLB) is providing techno legal cyber law trainings for police agencies and various stakeholders. PTLB e-learning virtual campus manages various techno legal courses for stakeholders from around the world. Indian police force must get suitable trainings in the field like cyber law and cyber forensics from institutions like PTLB.

Skills Development In India Is Required

India has one of the largest educated workforces of the world. However, a majority of these educated students are not suitable for employment purposes. This is because employment requires skills and practical trainings that our academic educational system does not provide.

Indian government is aware of this limitation of Indian educational system and is working in the direction of skills development, practical trainings and vocational education. Even suitable legal framework to streamline educational sector in India is in pipeline.

Skills development in India is an area that requires top priority of Indian government. Further, technical education skill development in India also needs to be taken care of. Virtual campuses can be a big help in streamlining professional, vocational and skills development in India.

Even the legal education in India needs great reforms. PhDs in India are dying and higher legal education in India needs urgent reforms. In particular, continuing professional legal education in India needs to be developed. Further, public legal awareness training in India also needs to be strengthened.

India is providing many Information Technology related services. However, other countries, especially China, have now started giving competition to India. A cyber skilled workforce of India needs to be developed. Even cyber law skills developments in India are required to meet growing cyber crimes.

The cyber crime investigation capabilities in India need to be upgraded as cyber crimes are far exceeding the cyber capabilities of law enforcement agencies of India. Cyber crime investigation training in India as well as cyber fraud detection training in India is needed to tackle cyber crimes, white color crimes and organised crimes.

To solve these high tech and organised crimes, we also need to develop cyber forensics capabilities in India. Cyber forensics training in India can help in detection and prosecution of these crimes. Perry4Law Techno Legal Base (PTLB) is managing the exclusive techno legal online cyber forensics training centre of India that is developing cyber forensics skills of various stakeholders.

Since India is facing growing cyber attacks, cyber warfare, cyber terrorism, cyber espionage, etc, we also need to ensure cyber security skills development in India. Ethical hacking training and courses in India can be really helpful.

PTLB skills development initiative is providing techno legal trainings in the fields like cyber law, cyber security, cyber forensics, offensive and defensive cyber capabilities, etc. Interested individuals, organisations and stakeholders can enroll for these courses to develop their skills.

Ethical Hacking Skills Development In India

Skills development in India is an area that requires top priority. Even among various skills, cyber skills development in India requires a special treatment. Skills development in India for technical education is missing as Indian educational institutions are paying more attention to academic nature rather than practical and vocational requirements.

Cyber crimes in India are increasing at an alarming rate. Similarly cyber attacks against India are increasing at fast pace. However, neither cyber crime investigation training in India nor cyber security training has been undertaken so far to a satisfactory level.

For instance, very few institutions are providing ethical hacking training, courses and education in India. Further there is a single ethical hacking software and tools repository in India managed by Perry4Law Techno Legal Base (PTLB).

Cyber security skills development in India is the need of hour. Cyber forensics skills development in India is another area that requires urgent attention of various stakeholders.

PTLB e-learning platform is providing various techno legal e-learning trainings, education and courses. Interested stakeholders may contact PTLB in this regard.

To sum up, ethical hacking skills development in India are urgently required to take care of cyber crimes and cyber attacks that are playing havoc with Indian critical infrastructure. The sooner it is done the better it would be for the national interest of India.

Cyber Security Courses In India

Indian defense and security against cyber warfare is not upto the mark. A major reason for this lack of cyber capabilities is that India has very few institutions that can provide good and qualitative techno legal skills development, education, courses and trainings in the field of cyber security.

Thus, cyber security skills development in India is directly related to good and qualitative cyber security courses in India. There are many essentials of cyber security courses in India that must be taken care of before trained and skilled cyber workforce can be produced in India.

Perry4Law is managing many qualitative and world class techno legal education and training institutions and centers. For instance, Perry4Law Techno Legal Base (PTLB) provides good and qualitative techno legal cyber law, cyber security, cyber forensics and many more techno legal courses and trainings.

Similarly, Perry4Law Techno Legal ICT Training Centre (PTLITC) provides domain specific and highly specilaised cyber law, cyber security, cyber forensics and many more techno legal courses, trainings and educations.

PTLB e-learning platform is providing courses on cyber law, cyber forensics, cyber security and many more techno legal fields. Stakeholders and learners from around the world can be enrolled there for these courses. These virtual campuses can fill the cyber security education gap that is prevailing in India.

Cyber security courses in India must not be mere academic degrees or diplomas. They must be practical and vocational in nature. Technical education and skill development in India still needs to be developed. Kapil Sibal is doing a good work in the field of education and very soon cyber security courses may also be taught in India in a qualitative manner.

Law Enforcement Agencies Need Cyber Law Training

World over it is a common belief that law enforcement agencies are well behind the cyber criminals and they cannot meet the growing challenges of cyber law and cyberspace. Even the law enforcement agencies are also of the opinion that their expertise is well behind the expertise of cyber criminals and crackers.

A well organised police cell for dealing with cyber crimes is still a distant dream. However, the least law enforcement agencies can do is to get the basic level computer and cyber law trainings. Till now even this basic level awareness and training is missing for law enforcement agencies.

Further, these trainings must be techno legal in nature to be effective. Perry4Law Techno Legal Base (PTLB) is providing world class techno legal trainings for law enforcement officials. It is also managing a techno legal cyber law, cyber forensics and ICT training centre for police force in India.

The best part is that PTLB is also managing the exclusive Techno legal e-learning centre in India. Any law enforcement agency of the world can enroll its officer for the great techno legal cyber law, cyber forensics and other courses of PTLB. All these courses can be undertaken in an online mode and from any location of the world.

The need for such trainings in India is very apparent. Cyber crimes investigation in India is a tedious and difficult task for the police force of India. A trained cyber police force of India is needed so that the growing cyber crime cases in India can be effectively tackled. Indian Police needs cyber law training so that cyber crimes victims in India may get appropriate remedy and justice.

PTLB is providing various courses on investigation of cyber crime cases in India and world wide. Further, PTLB is also providing cyber crimes investigation training in India.

Interested stakeholders may visit the PTLB e-learning site and follow the procedure mentioned therein. Once the enrollment to PTLB courses is successfully undertaken, these stakeholders can enrich themselves with the world class techno legal trainings of PTLB.

Counter Terrorism Capabilities Of India Are Not Sufficient

Of late, the terrorist activities in India have increased significantly. Unfortunately, Indian government has not been able to deal with terrorism nuisance effectively. In the war against terrorism, India has miserably lost the same despite many efforts in this regard.

There are many shortcomings of Indian counter terrorism initiatives. The most important shortcoming is that Indian national security policy is missing. Even the counter terrorism capabilities of India are not satisfactory. To make the situation worst, the turf war in India is compromising the national security in India. This is the main reason why the national counter terrorism centre of India has also been downsized.

Even in the cyberspace Indian capabilities to deal with cyber terrorism are limited. Cyber security in India is not up to the mark and we must seriously consider developing cyber warfare capabilities in India and anti cyber terrorism capabilities in India. Questions about cyber security of Indian nuclear facilities and centers have also been raised.

It is high time for Indian government to seriously consider developing anti terrorism capabilities and anti cyber terrorism capabilities. Mere assurances and verbal achievements would do more harm to India at this stage.

Interpol Helped India In Tracking Child Porn Surfers

Protecting children in cyberspace has become a daunting task. As the Internet is not confined with any boundary, fighting online child pornography requires an internationally coordinated effort.

This is exactly what happened in a recent episode of surfing child pornography in India. In this case the Interpol coordinated with the Central Bureau of Investigation (CBI) to unearth the guilty surfers. After the details of the accused were made available to the local police, the state cyber police registered a case against 20 Keralites for trawling child porn websites.

The list was prepared by the Interpol after closely tracking the users for the past couple of months. The list contains the name, IP address and full postal address of persons from various parts of the state.

Police has also started cross-checking the details of these surfers. As per the cyber law of India, incorporated in the information technology act 2000, browsing child porn sites is a non-bailable offence. However, action against the offenders will be decided after thorough discussions with higher-ups.

According to police sources there has been considerable increase in child porn surfing in Kerala. The Interpol prepared the list after getting in touch with various internet service providers. At times, they even host fake websites to check how many surfers are visiting it. It is a basically a covert operation of the Interpol to hunt down such surfers. The list of offenders is prepared after multiple-level of surveillance and filtering.

Software Vulnerabilities And Their Exploitation

Some sort of vulnerability is common in any security infrastructure and software is no exception to the same. Software vulnerability may occur due to insufficient testing, lack of audit trail, use of publicly available codes, programming errors, etc. A programmer while making a software may assume that all user input is safe. Programs that do not check user input can allow unintended direct execution of commands or SQL statements like buffer overflows, SQL injection or other non-validated inputs.

Although various set of coding guidelines have been developed and a large number of static code analysers has been used to verify that the code follows the guidelines yet coding errors are common in a majority of software. A coding error gives rise to vulnerability in software that can be exploited by a malicious user.

An exploit may be a piece of software, a chunk of data, or sequence of commands that takes advantage of vulnerability in order to cause unintended or unanticipated behavior to occur on software.

There are several methods of classifying exploits. The most common is by how the exploit contacts the vulnerable software. A “remote exploit” works over a network and exploits the security vulnerability without any prior access to the vulnerable system. A “local exploit” requires prior access to the vulnerable system and usually increases the privileges of the person running the exploit past those granted by the system administrator.

Exploits against client applications also exist, usually consisting of modified servers that send an exploit if accessed with client application. Exploits against client applications may also require some interaction with the user and thus may be used in combination with social engineering method. This is the hacker way of getting into computers and websites for stealing data.

Often, when an exploit is published, the vulnerability is fixed through a patch and the exploit becomes obsolete for newer versions of the software. This is the reason why some blackhat hackers do not publish their exploits but keep them private to themselves or other hackers. Such exploits are referred to as “zero day exploits”.

As far as legality of exploiting software is considered, it is considered to be a cyber crime or offence in many jurisdictions. Even circumventing an access control mechanism is punishable under laws like digital millennium copyright act (DMCA). However, it is cracking of software that is punishable and not hacking as is popularly misunderstood in the media circles.

Software vulnerability and their exploitation need to be taken care of by a techno legal framework that combines both technological and legal issues. However, this techno legal framework is still missing in most of the jurisdictions of the world.

Proposed Jan Lokpal Law Must Be Techno Legal

The drafting of final Jan Lokpal Bill of India is pending before the Parliament Standing Committee (PSC). The task before the PSC is enormous as it has to analyse the inputs of various stakeholders and experts while suggesting the final Jan Lokpal Bill.

There are many drafts of Jan Lokpal bills that have been in circulation. Besides, there are many good suggestions from techno legal experts of India that have shown the necessity to make the proposed Jan Lokpal law techno legal in nature.

According to Praveen Dalal, managing partner of New Delhi based techno legal ICT law firm Perry4Law and leading techno legal expert of India, the proposed Jan Lokpal Law of India must be Techno Legal and Technology Driven in nature.

The issues like E-Procurement, E-Banking, E-Delivery of Services, etc would bring their own share of Scams and Corrupt Practices and the same cannot be dealt with by the Jan Lokpal Law unless it is Techno Legal in nature, suggests Dalal.

So far the proposed drafts of Jan Lokpal have failed to address these crucial issues. Fortunately, the PSC on Jan Lokpal can consider the suggestions of techno legal experts of India while suggesting final bill in this regard.

Should Media Be Brought Under Lokpal Scanner?

Jan Lokpal has raised many debates. Some are constitutional while others are ethical and those pertaining to the efficacy of Jan Lokpal itself. One issue that has been sternly opposed by the Indian media is whether media should be brought under the purview of proposed Jan Lokpal law of India?

Some experts have opined that the idea of bringing the media within the ambit of the Lokpal is "bad and mischievous". They have argued that media falls under the category of “private individuals” and the basic objective of the proposed Jan Lokpal law is to target governmental irregularities and corruptions.

Though experts agreed there were problems in the media like paid news, they felt the media would have to deal with the issue itself. They argue that while involvement of a politician in paid news would come under the Election Commission of India norms, in case a newspaper took cash for publishing such news, it would violate the tax laws. The experts mentioned there are quasi-judicial watchdogs like the Press Council of India to look into the complaints against media.

However, demanding that media cannot and should not be brought under the ambit of Jan Lokpal in all circumstances is ignoring the ground realities and the influence making powers of media. If media is involved in corrupt practices, it can validly be brought under the ambit of Jan Lokpal.

There is no reason why media should be excluded from the ambit of Jan Lokpal and there are many factors and reasons that may justify this inclusion. The parliamentary standing committee must consider this aspect as well while formulating the ultimate Jan Lokpal Bill for India.

Trained Cyber Police Force Of India Is Needed

Modernisation of police force of India is an issue that has not received much attention of Indian government in general and ministry of home affairs of India in particular. Even the so called cyber crime cells of India lack expertise in fields like cyber law and cyber crimes. The truth is that police in India needs urgent cyber law training.

Perry4Law Techno Legal Base (PTLB) of Perry4Law has been providing techno legal cyber law and cyber forensics trainings for law enforcement, lawyers, judges, corporate CEOs, etc. PTLB is the exclusive techno legal training institution of India that provides a combination of technical and legal trainings to various stakeholders.

Cyber crimes in India are increasing and victims of such cyber crimes have virtually no redress. Neither the police officials nor the courts are well trained to deal with high tech crimes in India.

Merely opening few cyber crime cells in some states would not serve the purpose. Even opening of such cyber crime cells in all parts of the country would not serve any purpose. What is the purpose of opening such cells if they cannot investigate cyber crimes and book the cyber criminals for various cyber crimes?

Till now the sole techno legal cyber forensics research, training and educational centre of India is managed by PTLB and Perry4Law. This cyber forensics centre of India has been providing cyber forensics best practices in India and is also disseminating techno legal information regarding cyber law, cyber security, cyber forensics, cyber espionage, cyber terrorism, human rights in cyberspace, etc at national and international level.

We need more training institutions on the lines of PTLB/Perry4Law. Further, it is high time for Indian government to work on a public private partnership model that can include techno legal institutions/firms like PTLB/Perry4Law.

Privacy And Data Protection Law Firms In India

Of late, privacy and data protection issues have assumed importance from the commercial and legal point of views. Commercially privacy and data protection are required to be protected to retain strategic advantage. Legally privacy and data protection are required to be protected under the laws of various jurisdictions.

Privacy is a concept that is unknown to Indian culture. However, slowly and steadily it has started gaining importance. When i talk about privacy, it not only includes the traditional privacy requirements but the more demanding requirements of our present times as well.

In the age of Internet and social networking, privacy has assumed a totally different meaning. There are many privacy violations in cyberspace and the role of good techno legal lawyers and law firms is very apparent in punishing the offenders.

According to B.S.Dalal, partner at New Delhi based ICT and IP law firm Perry4Law and a techno legal expert, “Techno legal privacy protection, data protection and data security lawyers and law firms are limited in nature. As far as India is concerned, we have no dedicated privacy, data protection and data security law. This is a serious limitation that is resulting in poor privacy, data protection and data security legal practice in India”.

However, sooner or later regulatory framework for privacy and data protection in India would be required. Further, disputes regarding privacy and data protection would also increase in future. This would require techno legal expertise on the part of lawyers and law firms.

The outsourcing industry must pay a special attention to the techno legal requirements of privacy, data protection and data security issues. Perry4Law and Perry4Law Techno Legal Base (PTLB) have strongly recommended formulating and adopting best practices by stakeholders in this regard.

The Search Engine Quality Of Google Is Deteriorating

Up to some time before, Google was considered synonymous with search engine results. However, the picture is fast changing now when competitors are fast catching up with the quality of Google and are challenging its market share.

Have you noticed that the search results in Google search engine do not reflect the correct and true picture? If you are a blogger and using the blogspot platform, you must have also realised that your posts are appearing only after a period of 2/3 days.

Further, in the past there are clear cut examples of Google censoring and filtering news and search results, at least in India. Further, Google has also been messing up with search placements whether by default or otherwise.

Now consider the search engines like Yahoo, Bing and DuckDuckGo. They have acquired a good reputation and goodwill among the users due to their consistency and lack of censorship activities.

I analysed the four search engines with a common search query and was surprised to find how Google simply does not index the blog posts that were immediately picked up by other search engines.

I also checked the webmaster tool of Google but there were no indexing errors or errors of other type that could have resulted in non indexing or poor indexing of blog posts. Naturally, either Google’s algorithm has been deteriorated to a level that would ultimately affect it reputation and usage or it is deliberately censoring and manipulating the results.

Either way this is too much for users like me who prefer to shift to other search engines for getting legitimate, genuine and good results. My personal ranking for search engines, for the time being, is Yahoo, DuckDuckGo, Bing and Google.

Cyber Security Law Firms In India

Technology has brought its own share of legal challenges for both law makers and lawyers. For law makers, technology has posed a challenge of enacting suitable laws that can meet the challenges of misuse of technology. For lawyers, technology has come as an unexplored area that they have to understand, apply and argue in courts and corporate environment.

Take the example of India. There are very few cyber law firms in India or cyber law lawyers in India who can understand and apply the same. Even the cyber law consultants in India are handfuls that are serving the corporate entities.

One area that has recently interested the legal community pertains to cyber security. Although cyber security as a legal field has started gaining attention of foreign lawyers and law firms yet cyber security law firms in India or cyber security lawyers in India are still missing.

Of course, exception in the form of Perry4Law and Perry4Law Techno Legal Base (PTLB) can be found in India. Perry4Law is the exclusive techno legal ICT and IP law firm of India that has acquired international reputation in the fields like cyber law, cyber security, cyber forensics, etc.

B.S.Dalal, partner at Perry4Law opines, “One positive development that I have recently noted about these techno legal fields is that lawyers and law firms have started exploring the areas like cyber law, cyber security, cyber forensics, etc. Although the number of such lawyers/law firms is negligible yet the growing interest in the techno legal fields would increase such numbers in future”.

Further, techno legal issues would also change the way traditional businesses and transactions would be carried out in future. For instance concepts like cyber insurance, online dispute resolution, e-courts, digital evidencing and e-discovery, media forensics, cyber forensics, etc would be very much used in future, says B.S.Dalal.

Indian legal fraternity must start exploring techno legal fields that would take tremendous time, energy and efforts to understand and apply. The sooner it is done the better it is for the legal fraternity of India.

Want Better Search Results Try DuckDuckGo and Yahoo

Of late the search results of Google India have messed up badly. If you are a blogger who is blogging for years, you must have already noticed poor placement of your blog posts at Google’s search engine.

As a matter of fact other search engines like DuckDuckGo, Yahoo and Bing are producing much better results. There can be many reasons for this poor listing of blog posts at Google.

These include censorship on behalf of Google under government pressure, manipulation by rouge employees at Google, spam blog posts by a particular blogger, discrimination in favour of commercial entities by Google, poor search engine optimisation (SEO) by concerned blogger, non qualitative and repetitive contents, etc.

Initially it was content farming and splogs that caused trouble for Google, now its poor search algorithm is bringing bad name for it. Google must pay special attention to its Indian operations as they are not up to the mark and are not meeting the Google’s philosophy and corporate policy.

In these circumstances it would be a better option for SEO companies and bloggers to target other search engines like DuckDuckGo, Yahoo, Bing, etc as presently they are providing more relevant, unbiased and specific search results than Google.

Serious Fraud Investigation Office (SFIO) Of India Would Get More Powers

Serious fraud investigation office (SFIO) is a corporate fraud investigating body under the ministry of corporate affairs (MCA), India. SFIO has been seeking broader powers to carry out investigations abroad. Now the MCA is considering this proposal of SFIO that would allow it to trail funds abroad.

Lack of such powers has also been hampering SFIO’s investigations into the multi-crore Satyam fraud as the company has operations in other countries also. Set up in 2003, the government plans to give the SFIO more teeth in the new Companies Bill, which was tabled in Parliament last August.

A permanent cadre for the SFIO is also under consideration to ensure more stability to the body. Diversion of funds is a Companies Act violation, but when funds are hived off abroad it becomes a hawala transaction, and falls under the ambit of the Enforcement Directorate.

The proposals to give SFIO more teeth for investigation are mostly based on the recommendations of the V Vepa Kamesam Committee. Giving the SFIO powers to trail illegal money stashed away abroad is, however, not part of the committee's suggestions.

The eight-member committee had suggested that the SFIO be given exclusive jurisdiction to probe and prosecute entities involved in financial frauds, besides also probing cases related erring entities/individuals like chartered accountants and company secretaries.

The committee is of the opinion that power of search and seizure, and attachment should be entrusted with the SFIO as available with the Income Tax authorities, Customs, Enforcement Directorate etc.

It has also suggested that the SFIO be empowered to take up a case suo moto and even on a source-based information if a fraud has been committed. The committee has also called for the SFIO having flexibility to outsource the services of experts like chartered accountants, legal experts etc and officers joining the investigating agency on deputation be ensured protection of their existing pay and allowances.

UIDAI Served With Legal Notices Challenging Its Constitutionality

Aadhar project of India is managed by Nandan Nilekani led unique identification authority of India (UIDAI). It has always remained in controversies since it has been launched.

Neither Aadhar project nor UIDAI are governed by any legal framework and parliamentary oversight. Aadhar project and UIDAI are purely executive projects with no constitutional sanctity. In fact Aadhar project and UIDAI are operating in an “unconstitutional manner”. Even the Prime Minister of India, Dr. Manmohan Singh, has not given a serious thought to the Aadhar project and UIDAI.

Now legal notices have been served upon UIDAI questioning its credentials and constitutionality. The notices have asked the legal sanctity behind the process of acquiring biometric data of people to provide them the 12-digit UID number even before a law on UID comes into force.

The two legal notices issued to UIDAI chairman Nandan Nilekani on July 5 and July 6 also raise concerns over UID numbers invading the privacy of individuals as these are for multi-utility service use, and would force individuals to leave trails, allowing invasion of their privacy.

Mathew Thomas, general secretary, Citizens’ Action Forum, and V K Somashekhar, founder patron, Coordinated Action of Consumer and Voluntary Organisations of Karnataka (CACVOK), have separately issued legal notices to Nilekani on Tuesday and Wednesday through their respective advocates.