E-Discovery For Due Diligence By Banks In India

Banking sector of India is passing through a reformative phase. Lots of banking reforms are under process and Reserve Bank of India (RBI) is playing a major role in the same. Finance Minister Pranab Mukherjee has been extending his full support for banking and financial sector reforms as well.

Even in the fields of cyber law, cyber security, cyber due diligence, prevention of cyber banking frauds, etc RBI has issued many guidelines through its information technology vision document 2011-17. Some of the mandatory guidelines now require banks of India to appoint chief information officers (CIOs) and steering committees on information security at the board level at the earliest.

In the past, lack of cyber due diligence and absence of CIOs and steering committee has resulted in many cyber crimes and banking frauds. Techno legal experts like Praveen Dalal believe that if a proper cyber due diligence was at place, it could have prevented the recent fraud that was committed at the Gurgaon based branch of Citibank.

Banks in India must understand the importance of e-discovery practices, incidence response, first responder’s roles, cyber due diligence, etc. If banks have a sound e-discovery mechanism, many frauds can be anticipated and prevented before they occur.

E-discovery law in India has still to be enacted. Although India has the cyber law of India incorporated in the form of information technology act 2000 (IT Act 2000) yet it is far from being sufficient for cyber forensics and e-discovery purposes.

Government of India must immediately enact some good technology laws that can cater the requirements of present times. Presently, the IT Act, 2000 needs a complete overhaul as it is not meeting the needs of the hour.

RBI Releases Its IT Vision Document For 2011-17

The Reserve Bank of India (RBI) has recently released the Report of the High Level Committee (HLC) on the IT Vision of Reserve Bank of India 2011-2017. The HLC report includes the IT Vision document for 2011-17.

RBI has set some very ambitious objectives for itself. These include transforming itself into an information intensive knowledge organisation, harnessing human resource potential, migration to enterprise architecture for IT systems, adopting appropriate business process re-engineering, etc.

RBI has also stressed upon improving its IT governance, effective project management, evolving well defined information policies as well as information security frameworks, better vendor management and outsourcing practices.

The Vision Document suggests commercial banks to move forward from their core banking solutions to enhanced use of IT in areas like MIS, regulatory reporting, overall risk management, financial inclusion and customer relationship management.

It also dwells on possible operational risks arising out of adopting technology in the banking sector which could affect financial stability and emphasises the need for internal controls, risk mitigation systems, fraud detection / prevention and business continuity plans. However, concepts like Internet banking cannot succeed in the absence of legal framework in this regard.

According to Praveen Dalal, leading techno legal expert of India and a Supreme Court lawyer, we have no dedicated Internet Banking Law in India. Although, RBI has issued many guidelines in this regard and even our Information Technology Act, 2000 contains some indirect and implied provisions for Internet Banking yet we need a separate and dedicated law in this regard, opines Dalal.

Similarly, the present banking and other technology related legal frameworks are not conducive for mobile banking in India. We do not have a well developed e-governance infrastructure in India. Similarly, on the front of e-commerce as well, India is not much successful.

RBI will begin implementing the recommendations of the HLC shortly. However, commercial banks in India must not wait for RBI’s initiations in this regard. They must start implementing due diligence requirements as prescribed by RBI as soon as possible.

Online Training Of Judges In India

Judges in India, especially those manning the lower courts, are working really hard. At times they do not have time to even brush up their legal acumen and knowledge. Further, news laws are enacted every year by Indian Parliament and unless the judges attend some refresher course on regular basis, these legislations are not known to them.

However, nothing is more missing than the techno legal training and education of judges at all levels. Judges must be aware of not only legal aspects but also of the technical aspects as well. Laws like cyber law are a good example of techno legal field.

In India, there are very few institutions and centers that are providing techno legal trainings and educations to judges. This is because of the specialised nature of the field. Further, there is no framework for continuing legal education in India (CLE in India) or lifelong learning in India for judges or lawyers.

We have a single techno legal research, training and education centre in India. The same is managed by Perry4Law Techno Legal Base (PTLB). It is providing techno legal training and education to judges, lawyers, police officers, public prosecutors, etc in the fields like cyber law, online dispute resolution (ODR), e-courts, cyber forensics, digital evidencing, etc.

To provide flexibility and extensive cyber law training in India, PTLB has also launched an online platform. The online platform of PTLB allows a lawyer, judge, law enforcement officer corporate executive, etc to sharpen their techno legal skills even at the comfort of their home, offices, chambers or corporate room.

Application form for the enrollment to various courses, internships and trainings can be downloaded from here.

In order to get enrolled, you must duly fill the form and submit the same along with the prescribed fees. For more details regarding the fees, duration of courses, natures of courses, etc see the FAQs.

For lawyers and judges, PTLB has launched a separate platform known as Online Lawyers and Judges Training and Educational Centre of India. In short, it is known as Bar & Bench Training Blog that provides meaningful insight to not only lawyers and judges of India but also world wide.

Judges in India need to enroll to such courses as they must upgrade their concepts on regular basis. Further, the legal education policy of India must also incorporate the model suggested by PTLB. Law Minister Veerappa Moily has been taking many good steps for legal and judicial reforms in India and CLE of judges should be a part of the same.

Can Google Defeat Content Farms And Splogs?

Google has finally done something that justifies its reputation and capabilities. It has come heavily upon content farming sites and splogs. By removing content farming sites and splogs and by placing low quality and contents scrapping sites at very low search level, Google is going to make its search results more relevant and meaningful.

However, not everything is in order at Google to achieve this purpose. Firstly, copyright violation and plagiarism is abundant not only on personal domains but also upon Google’s platforms like Blogspot. Google does not have a stringent policy against these offenders.

In fact, Google’s policies, especially online advertisements like Adsence, are going against original contents providers and in favour of copyright violators. The DMCA procedure of Google for redressing copyright violations is not only cumbersome and ineffective, but is also favouring contents infringers. To a greater extent it also appears that through Adsence program, Google is actively encouraging content farming, splogs and copyright violations.

Secondly, although the tweaking of search algorithm by Google has already shown improvements in Google search results, yet indexing of new articles has become very slow. This is especially true for those sites that have submitted an application for inclusion in Google news. If the articles are not indexed properly, others pick up the same and their duplicate contents appear first on the search results.

Respecting the intellectual property rights, especially copyright, of the original contents providers and awarding them with the search place they deserve at Google would benefit both Google and the original contents providers.

Presently, nothing like this is happening and Google’s claims of better search results and respecting original content provider’s interest is still not achievable. Google must put in place a system that is more responsive and friendly for original contents providers. This system must be such that spam reports must be immediately redressed and copyright violations that are apparently and patently visible must be urgently taken care of.

For the time being, content farming sites, splogs and copyright violators are defeating Google and other search engines are encashing upon this fact. I hope Google would seriously deliberate upon these aspects.

Reasons For Failures Of E-Governance In India?

E-governance in India has by and large a failure. This is because of the poor policy decisions taken by Indian government. There is too much stress upon procurement as opposed to management. India has to accept that computerization of traditional governmental and public functions are not e-governance. We have to empower the citizens with the power of ICT.

Information and Communication Technology (ICT) has become an indispensable part of our daily life. It has the potential to streamline procedures, inculcate discipline among workforce, and bring transparency and accountability and reduction of costs. The benefits are tremendous provided we have the will, insight and knowledge to use it.

E-governance in India is in its infancy stage. The National E-Governance Plan (NEGP) is the umbrella under which all e-governance initiatives are taking place. However, there are very few successful and completed e-governance initiatives like MCA21 in India. Whether it is e-courts, e-readiness, legal enablement of ICT systems, e-gazette, e-commerce etc none are even close to success. So where lies the problem?

Firstly, there seems to be lack of insight among the policy-makers. The ICT polices and strategies of India are not covering the e-governance aspects at the national level. No political party ever considers e-governance as an important part of their political agenda before elections. Even commodities like onion and potatoes find place in national debates but not e-governance.

Secondly, there is too much stress upon procurement as opposed to management. India has to accept that computeristion of traditional governmental and public functions are not e-governance. We have to empower the citizens with the power of ICT. We have to make the governmental services user-friendly as well as productive and easy.

Thirdly, there is lack of transparency in governmental dealing and in the absence of the same e-governance is just paperwork. In India, we have the Right to Information Act, 2005 but the same has been a failure in India. The public information officers keep on denying the relevant information on flimsy grounds.

In exceptional cases, citizens may get some information but by and large very few people get the information.

Fourthly, accountability among governmental officers is missing. There is no mechanism through which we can punish a wrong doer for his violations and negligence. This results in a casual attitude towards public good and e-governance. If we fix accountability and time-bound progress requirements then a lot of problems can be solved.

Fifthly, public participation in both policy making and governmental decisions is missing. If we get the opinion of those who are somehow surviving at the grassroots level we can solve the majority of our problems. However, the fact is that grassroots level problems are never solved.

The induction of information technology into governance, especially at the rural level, is not an easy task due to unstructured nature of rural development, low literacy levels and reluctance to adopt information technology. Regional disparities which were already glaring in poverty, employment generation, literacy are widening further. E-governance will be successful only if we start to undertake due efforts to implement it in all blocks and districts and spread it to the grass root level.

Being the largest democratic country, India must show an example to other in this context. But in last many years we have not seen the efficiency of public servants, who are supposed to be the some of the best brain of India. For attaining developed status our public service system must work in a better way. Citizen must participate in various activities, if we really want to see India as a developed nation. Public service must be strengthened in India in true spirit, if we want to become to become a developed nation in near future.

India Should Take Cyber Forensics Seriously

It is no secret that criminals are using information technology for various nefarious activities in India. It has become very important for law enforcement agencies, security agencies and legal and judicial members of India to understand technology.

Police force plays an important role in maintaining law and order in the society. Police force is also the first level of interaction that brings together cyber crimes, high tech crimes and terrorist activities and investigation techniques. Thus, police force must be well versed with and must have sufficient training for cyber law and cyber forensics issues.

When cyber criminals and terrorists are using technology, police force and security agencies of India cannot afford to be indifferent towards the same. India has limited cyber forensics laboratories and they are already overburdened. This results in a backlog of cyber forensics investigations and crucial evidence cannot be produced before the courts at appropriate time.

Further, there is also an urgent need to have good cyber forensics research and training institutions in India. Presently, we have a single techno legal cyber forensics research, training and education centre in India. It is managed by Perry4Law Techno Legal Base (PTLB).

Home ministry of India must consider an active use of cyber forensics for effective fulfillment of its duties. The present initiatives of home ministry are far lesser than the required one. Cyber forensics is a very crucial and important field and India must appreciate its importance as soon as possible.

National Security Policy Of India Is Required

National security is very important for any nation including India. However, the term national security is also the most controversial and vague one. This has been deliberately done so that the card of national security can be played anytime to suppress civil liberties.

In the year 2008 letters regarding "constitutionality" of the proposed information technology (Amendment) Bill, 2008 (IT Act 2008) and National Security Policy of India have been sent by Praveen Dalal, Managing Partner of Perry4Law, to the Prime Minister of India (Dr Manmohan Singh), President of India, Parliament Members (Lok Sabha and Rajya Sabha), Government of India (GOI), Department of Information Technology (DIT), Department of Science and Technology (DST), CERT-IN, etc.

However, not only the IT Act 2008 was passed but it expressly incorporated certain unconstitutional provisions regarding Internet censorship, website blocking, e-surveillance, etc. The result is that civil liberties are blatantly violated in India through e-surveillance, unlawful interceptions, illegal phone tappings, etc.

Had the suggestions of Praveen Dalal accepted by our Prime Minister in the year 2008 itself, lots of troubles could have been avoided. Once again he has suggested for the enactment of a lawful interception law in India.

The first and foremost requirement in this regard is to repeal the unconstitutional cyber law of India and Indian Telegraph Act, 1885 and enact constitutionally sound lawful interception laws in India.

Further, the Cabinet Committee on Security (CCS) of India must clearly lay down what constitutes national security. CCS has to play a pro active role in this regard. This problem can be solve if the CCS works in the direction of making a suitable and constitutionally sound national security policy of India.

Let us hope that the CCS would accept the suggestions of experts this time and would come up with a national security policy of India very soon.

Cyber Law Of India Has Decayed

Cyber law of India is one of the most important laws. However, it has never been given any importance. Cyber law of India is incorporated in information technology act, 2000 (IT Act, 2000) that was amended in 2008. However, the cyber law of India has been decayed to such an extent that it needs an urgent repeal.

India urgently needs some good technology related laws. For instance, we do not have cyber security, cyber forensics, lawful interception, privacy laws, data security laws, data protection laws, etc in India.

The ministry of communication and information technology (MCIT) never bothered to give cyber law of India any strength and effectiveness. This is the reason why prime minister’s office (PMO) must interfere and do something in this regard.

In fact, the matter is so important that it deserves the attention of cabinet committee on security (CCS) of India. Cyber law of India covers many issues that are related to other projects as well. These projects are presently supervised by CCS and it would be a good idea if cyber law, cyber security and cyber forensics are also made part of the same.

MCIT has been in controversies for corruption and bad policies. It has also been too soft towards and too submissive to the industrial lobbying that never allowed a strong cyber law for India. Let us hope our honest and upright Prime Minister Dr. Manmohan Singh would take cyber law of India seriously.

Google Search Algorithm Has Improved But Is Slow

Google’s search algorithm has improved to a considerable extent and it shows results that are difficult to find in other search engines like Yahoo, Bing and DuckDuckGo. However, Google’s web indexing has been affected badly due to these recent changes.

Previously, Google has to take care of a bug in its indexing mechanism that showed different and incorrect results. While the bug has been remedied yet posts are still not indexed and appearing properly. At times posts are indexed only after two or more days and are kept in abeyance till that time.

Further, Google has taken a good step by removing Splogs that have clogged its results. Still much has to be done regarding Blackhat search engine optimisation (SEO) techniques.

However, there is an issue that requires immediate attention of Google. Sites that are posting contents of others are finding a place in Google search engine’s first page and original posts even do not appear in the same. Many of our posts have been picked by other sites and they are appearing on front pages whereas our posts are either dumped somewhere deep or do not even exist.

This is also due to the fact that if an article has been put in a black hole by Google and is not indexed for two or more days, others who are following the Blog would post the same and their article would be indexed rather than the original one.

While Google is working in the direction of improving search results and better user experiences and expectations yet Splogs and Content Farming sites are still winning the game.

Supreme Court Irked At Pathetic Privacy In India

Finally, the Supreme Court of India took a serious note of the growing and blatant incidences of privacy violation in India by Indian government and private individuals/companies supported by it.

Supreme Court went upto the extent of saying that no person living in India is safe from privacy violations and omnipresent forgeries prevalent in India. The observation came while hearing a petition filed by politician Amar Singh regarding illegal phone taping of his communications.

The telecom company in question is Reliance Communications that is now claiming to have acted on the basis of a forged letter claiming to have authorised phone tapping of Amar Singh. Reacting sharply the Supreme Court asked the Centre why the licence of the service provider was not cancelled for such a casual approach.

This case is just tip of the iceberg as we have no lawful interception law in India. Phone tapping in India is done in an illegal and unconstitutional manner. There is no provision for judicial oversight of executive orders authorising phone tapping.

The most fatal blow came from the information technology amendment act 2008 that amended the sole cyber law of India. Through this amendment India has become an endemic e-surveillance society. There are no procedural safeguards against the orwellian powers that Indian government acquired for itself through this amendment.

The present practice of Indian government regarding phone tapping, e-surveillance and e-interceptions is far from being legal and constitutional. India urgently needs a constitutionally sound lawful interception law. Let us hope the Supreme Court would bring some order in the otherwise chaosed banana republic of India.

Cyber Law Of India In Bad Shape

Cyber law is an important legislation these days. With active use of information technology in almost every aspect of our daily lives, there is an inescapable requirement to regulate our online behaviours.

An ideal cyber law must regulate illegal and unlawful activities while giving maximum leverage to legitimate and legal dealings. Indian cyber law is doing the opposite. While it encourages cyber criminals to engage in unlimited and unrestricted criminal activities by making their criminal acts bailable, legitimate and law abiding people are subjected to unconstitutional e-surveillance and scrutiny.

There was no need to provide unregulated and unaccountable e-surveillance, Internet censorship and website blocking powers to Indian government and its agencies. But not only was it done through the information technology amendment act, 2008 but that also without any procedural safeguards.

On the other hand, the amendment also made almost all the cyber crimes bailable thereby making the cyber law of India impotent and cyber criminals friendly. The ministry of communication and information technology (MCIT) seems to have succumbed to industrial lobbying and made the sole cyber law of India a big mockery. Even Kapil Sibal seems to be in no mood to repeal the present cyber law and come up with a strong and effective cyber law.

Now it is for the Prime Minister of India Dr. Manmohan Singh to take appropriate action. He cannot afford to maintain a silence stance. Already the implications of weak cyber law and inadequate cyber security capabilities of India have started appearing. Indian cyber space is regularly invaded by crackers and foreign nations. But then who cares this is India.

Mobile Banking In India Is Risky

The idea of mobile banking in India is not new and rather it is one of the most progressive and promising initiative. However, like all other projects and initiatives of India, even mobile banking is not free from troubles.

The present banking and other technology related legal frameworks are not conducive for mobile banking in India. We do not have a well developed e-governance infrastructure in India. Similarly, on the front of e-commerce as well, India is not much successful.

However, the most troublesome legal hurdle is a weak and cyber criminal’s friendly cyber law of India. The information technology act, 2000 (IT Act, 2000) is the sole cyber law of India that does not carry any sort of deterrent effect. While implementing mobile banking in India, sound legal framework is required for banking and cyber law related issues.

There are no limits to the troubles when institutions like national payments corporation of India (NPCI) and unique identification authority of India (UIDAI) join their hands. Both Aadhar project and UIDAI are unconstitutional as they go against the very scheme of Indian constitution. Further, they are also not supported by any legal framework and are executive hegemony by hijacking the constitution.

NPCI has decided to use unconstitutional and illegal UID numbers for allowing customers to do financial transactions using their mobile phone. It may be used to open an account, make a cash deposit or a withdrawal. NPCI would use the UID number along with the customer's thumb impression for offering this service.

Surprisingly, this is proposed immediately after the reserve bank of India (RBI) has asked the banks to consider the report of one of its working group dealing with cyber frauds and cyber crimes. This initiative seems to be going against the core recommendations of that report.

Presently, banks are not performing due diligence as per the requirements of cyber law of India. Let us hope the RBI would make this initiative of NPCI /UIDAI more users friendly and safe.

Should India Use Cloud Computing?

Cloud computing is a profitable business model, especially in India. This is the reason why it has been literally imposed upon Indian netizens without telling them of the dangers of the same.

India has a weak cyber law, ineffective cyber security and lack of privacy, data protection and data security laws. In other words, cloud computing is a perfect breading ground for cyber criminals of India and word over.

Lack of regulatory and security support has discouraged a dominant majority of CEOs in India to use cloud computing for their business. Add to these woes the incidences of frequent leakage of sensitive information in India as well as growing unaccountable e-surveillance in India.

Imagine a situation where the cloud computing service providers have nothing to loose by intentional or unintentional leakage of sensitive information. They cannot be challenges in a court of law as they would not be violating any law.

Further, if the security agencies are accessing that information, even without a court warrant, these cloud computing service providers would be more than happy to oblige them.

India must first establish proper legal frameworks for privacy, data security, data protection, lawful interceptions and effective cyber laws. Equally important is a law on information security that is missing in India.

Till these laws are in place, cloud computing is a risky and undesirable model in India.

Blackberry May Get A New Deadline In India

The time limit to provide encryption keys of enterprise services of Blackberry has already expired. Research in motion (RIM), the company managing Blackberry services, is still maintaining that it has no control over the encryption keys residing at the sets of users.

However, Indian government is not accepting this argument of Blackberry and is still asking for the keys. Since the deadline is already over, it is obvious that Blackberry would get another breath of life in India.

Meanwhile, Telecom Secretary R. Chandrasekhar said the access to corporate emails sought by India's security agencies is not specific to RIM. However, the government has not sent any requests seeking access to any other companies, he said. Of course, he is hinting towards encrypted Gmail and Skype services.

This deadlock is not going to be solved very soon. However, government of India has forgotten a more important issue associated with this exercise. It is very easy to get information in plain text in real time but it is an altogether different game when it comes to decrypting a highly encrypted message.

Encryption is not limited to Blackberry services alone. There are many great free encryption software that Indian security agencies would never be able to defeat. This is so because Indian security agencies are taking the easy route rather than developing good and effective cyber forensics capabilities.

TRAI Let Down Indian Mobile Users Again

Telecom Regulatory Authority of India (TRAI) has once again let down Indian mobile users by extending the date of telemarketing regulations till 1st March, 2011. It seems the telemarketing lobby would never allow regulation of telemarketing calls and messages in India.

TRAI first adopted the defective do not call registry instead of do call registry. Now it is shying away from imposing a ban upon telemarketing industry, which is not at all welcomed by frustrated mobile users in India.

Telemarketing is a clear violation of right to privacy but who cares about privacy in India. Indian government has openly declared its intentions to violate privacy rights of Indians by projects like Aadhar, Natgrid, CCTNS, etc. Telemarketing nuisance is just another feather in the privacy violating policy of India.

However, the matter does not end here. There is also a related and much more dangerous situation developing in India. Indian cyber law is a weak piece of law when it comes to punishing cyber criminals. Realising the potential of making quick buck, cyber criminals have now started using messages/SMS to perpetuate their favourite Nigerian scam.

Instead of an e-mail now cyber criminals are sending SMSs to unwary victims and duping them of lakhs of money in India. Since there is no scrutiny and regulations for such fraudulent and telemarketing calls and SMSs, many are getting fooled by the same.

However, Indian government in general and department of telecommunication (DoT) India and TRAI in particular are well committed to allow these nefarious activities to the detriment of common man. Mobile users must be wary of such frauds and must develop their own methods to prevent loss to themselves. The best option seems to be aware of such frauds and never reply back to them.

Encryption Is A Feared Technology In India

National security should be strengthened by technology and not threatened by it. In fact, technology seldom threatens national security but only strengthens it. Still governments all over the world are trying to make technology a villain and are using the façade of national security to suppress it.

Recently, Google, Skype and Blackberry were in news for their encryption technologies. Google was asked to surrender the encryption keys of its Gmail that it, rightly and boldly, refused. Skype has not yet been officially contacted regarding its encrypted VOIP services. Research in motion’s (RIM) Blackberry, on the other hand, is in continuous controversies.

Although Blackberry has agreed to provide real time and in plain text access to its messenger services through a cloud computing environment in India yet it has expressed its inability to provide encryption keys residing at user’s servers for its enterprise services. Another deadline passed as Blackberry did not provide the encryption keys to India.

India’s intention to curb cyber security capabilities of Indian citizens became apparent when the sole cyber law of India, i.e. information technology act, 2000 (IT Act, 2000) was amended by the information technology act, 2008 (IT Act, 2008).

The government was quick enough to confer upon itself and its agencies wide and unregulated e-surveillance and Internet censorship powers, but it deliberately avoided incorporating necessary safeguards to prevent abuse of these powers. Till now we do not have such safeguards.

Even procedural safeguards and applicability regarding encryption norms in India have not been incorporated by the government till now. There are no rules regarding encryption standards under the amended IT Act, 2000.

India should not fear encryption and should not sacrifice the cyber security of its crucial organisations and systems. Criminal elements and terrorists have better methods than using mere Blackberry, Skype or Gmail. Leave these companies/services alone and develop actual cyber security capabilities so that cyber criminals and terrorists can be arrested before they engage in their nefarious activities.

Use Of ICT For Legal And Judicial Reforms In India

Information and communication technology (ICT) has been improving the lives of millions all over the world. ICT can be used for multi purposes through the mode of e-governance. E-governance can reduce the hassles that ordinary man has to undergo in India.

Anybody familiar with the Indian legal and judicial system would tell you that it horrifying in nature. A common man dares not to engage in court proceedings and prefers to settle his disputes outside the courts.

Even growing rates of retaliatory crimes show an increasing distrust towards our legal and judicial system. There is an urgent need to bring suitable legal and judicial reforms in India and nothing can bring speedier and effective reforms than use of ICT for legal and judicial purposes.

The only problem seems to be that we lack good techno legal institutions that can implement techno legal ICT legal and judicial reforms in India. Except a single techno legal training and consultancy institution managed by perry4law techno legal base (PTLB), we have no institution that can implement use of technology for legal and judicial purposes.

Till the month of February, 2011 we have still to establish the first e-court of India. We have still to streamline and adopt use of online dispute resolution (ODR) in India. Without an active use of ICT, Indian legal and judicial system cannot improve.

The call is for the law minister Mr. Veerappa Moily to take and it is high time for him to deliver results as till now only promises have been made in this regard.

Is Internet Kill Switch A Solution To Cyber Threats?

Internet kill switch (IKS) has been in controversies for long. Legislative exercise to allow President of America to use the IKS in cases of national emergencies has started once again. The crucial question that arises at this time is whether IKS is a solution to growing cyber threats like cyber espionage, cyber warfare and cyber terrorism?

Some experts claim concept of IKS does not exist at all since Internet cannot be killed absolutely by any nation. They have even labeled IKS as a misnomer and suggested that instead of this endemic e-surveillance exercise, countries must concentrate upon better cyber security.

I would not go into the discussion whether IKS can kill or paralyse Internet at all. My limited concern is whether IKS is a solution to growing cyber threats world wide? I believe that IKS is definitely not a substitute for robust and effective cyber security.

While IKS may be a back door attempt to engage in endemic e-surveillance exercises, it has little to do with effective cyber security practices. Cyber criminals all over the world are engaged in stealing sensitive information and compromising more strategic computer systems. Some of them are even stealth in nature with no sign of their existence.

The real threat is from these stealth cyber criminals who have control over many strategic computers. Think about a situation where these cyber criminals get the control of IKS itself. The first such attempt would definitely come from enemy and rouge states. By developing an IKS we would be allowing these enemy states to take control of our cyberspace.

Of course, IKS would be strongly guarded by robust cyber security measures but are these measures sufficient enough? I think they are not because if they are sufficient enough to prevent cyber attacks, we would no more need an IKS. We can deploy the measures meant for IKS itself to guard our own cyberspace from foreign intrusions. Let us think about it before jumping upon the IKS wagon.

Duckduckgo: For Privacy Enthusiastics And Others

While it is still premature to predict whether privacy or efficiency would be the decisive factor for search engines, but one thing is for sure. DuckDuckGo (DDG) is going to stay. Its main strength over other search engines like Google and Yahoo is that it is privacy oriented and is a great combination with the onion routing (TOR) software.

While Google and Yahoo do not provide user friendly results for their services if TOR is used, Bing is an exception. Bing does not show any error like Yahoo or ask for capacha verification like Google while using TOR.

However, when it comes to DDG, not even Bing can match it. This is because of the unique and anonymity features of DDG. If you use DDG through TOR using latest version of Firefox, your privacy is assured to a great extent. Google, Yahoo and Bing fail on this front.

However, some additional steps must be taken by users to get a stronger anonymity. They must manage their plugins and addons and must ensure that their information is not leaked by them. Take special care of java and java scripts through NoScript along with a Firefox browser.

Use DDG and have a safe, secure and private browsing experience.

Is Google Against Use Of Tor Software?

There is a question that has been troubling me for long. The question is whether Google is against use of Privacy safeguards like Tor software? This question arose as one of my friends used the Tor network while opening a new Blog.

It seems Google misunderstood the Tor traffic as malicious activities and removed the blog from its database. The complete details of the same are available at its Help Forum. Fortunately, I got some good suggestions and guidance from one of the Top Contributors there named Nitecruzr.

These suggestions and guidance helped me in understanding much of the procedure of Google and the common mistakes that must be avoided. However, the core question still remains unanswered?

The only question to be considered is whether use of privacy and cyber security safeguards like Tor software is in itself sufficient ground to remove a blog from Google’s database?

If a blog is not a spam blog or otherwise not a malware infected, does the mere use of Tor violates the terms and conditions of Google? I have submitted a review request with Google and keeping in mind their competencies and professional attitude, a result is expected soon.

When Google and others are working in the direction of strengthening the privacy of its users, use of Tor per se should not be any problem. For instance, Google itself is working in the direction of making browsers more secure and anonymous.

We hope Google would not be against privacy of its users as such.

Cyber Crime Cells Of India Lacks Expertise

Law enforcement is a tedious task especially in the present information technology world. Technology has posed many challenges before police forces in India regarding cyber crimes. In the absence of awareness about cyber law of India, police officials in India are avoiding dealing with growing cyber crimes in India.

Even if a case is registered for cyber crime, police officials in India do not possess required expertise to solve the same. For instance, even basic level cyber forensics capabilities are missing in various cyber cells of India. Although cyber cells have been opened in India yet a dominant majority of them are not actually doing anything for solving cyber crimes.

The main reason for this poor performance is lack of cyber law and cyber forensics knowledge. It would be unfair to expect an expert knowledge from police officers in India but they must at least know the basics of cyber law and cyber forensics. They must have at least basic level of techno legal cyber law and cyber forensics trainings.

Home Minister of India Mr. P. Chidambaram must seriously consider projects and initiatives that can help in developing cyber skills of police force in India. Issues like cyber law and cyber forensics have not yet been considered important enough by him so far.

Further, good and effective trainings courses must also be arranged for police force in India that is presently missing. With ever increasing use of technology, police work in India is going to be more challenging. Police force must be prepared for this challenging job.

Blackberry Messenger Service Now An E- Surveillance Tool In India

Research in motion (RIM) has been under tremendous pressure form Indian government to allow e-surveillance and interception of its Blackberry services. In order to safeguard its commercial interests in India, Blackberry has established a framework that would allow Indian intelligence agencies to monitor contents on its messenger service.

Blackberry has now asked the Indian government to issue a directive to the operators to connect to its new automated service that would allow such interceptions. However, this arrangement does not extend to the enterprise Virtual Private Network (VPN) solution, provided through the Blackberry Enterprise Server (BES) product.

RIM is still maintaining that there can be no change to the security architecture for BES in India or any other country as the decoding of BES emails by RIM is not technically possible. This is so because neither RIM nor the wireless operators are ever in possession of the customers' encryption keys.

India has presently no constitutionally valid phone tapping and lawful interception law. This practically means that Blackberry/RIM is supporting Indian government in its illegal phone tappings and interception exercises.

The BES of RIM is still out of the reach of Indian government because of technology alone. For other purposes as well, Blackberry users must use technology for self defence and to protect their civil liberties.

A research project named RIM Check has also been designed to gather information on how traffic exits the Blackberry network depending on the country in which the user is located. Those wish to analyse their Blackberry traffic to detect illegal e-surveillance by Indian government, can submit their data to this project.

Government Is Responsible For Growing Cyber Crimes In India

Cyber crimes in India have increased at an alarming stage. What is worrisome is the fact that it is the Indian government itself that is responsible for this menace. India has a sole cyber law that is incorporated in the information technology act, 2000 (IT Act, 2000). Though it needed improvements but there was no case for its deterioration to the detriment of national interest of India.

Indian government brought the deleterious information technology amendment act, 2008 (IT Act, 2008). Through this amendment almost all the cyber crimes have been made bailable and this removed all sorts of deterrence for the cyber criminals in India and world wide. Indian cyber law is already a piecemeal attempt and this amendment further made it a bane for India.

Concerns regarding India becoming a safe heaven for cyber criminals were incessantly raised by techno legal experts of India but Indian government did not pay heed to the same. Naturally, the present situation was bound to arise.

In the interest of India, Prime Minister Dr. Manmohan Singh must urgently intervene and ensure that an effective, strong and stringent cyber law is enacted. The present cyber law of India is doing much more harm than any help for India.

RBI Mandated Cyber Due Diligence For Banks In India

The Reserve Bank of India (RBI) has recently released a report of its working group on information security, electronic banking, technology risk management, and cyber frauds.

The report covers various areas such as IT Governance, information security (including electronic banking channels like internet banking, ATMs, cards), IT operations, IT services outsourcing, Information System Audit, Cyber frauds, business continuity planning, customer education and legal issues.

The report has also issued many guidelines that Indian banks would be required to follow in order to provide safe and secure technology driven banking. Practically, this means that banks in India would be required to adopt techno driven and cyber law related due diligence requirements.

Indian information technology act, 2000 (IT Act 2000) carries many provisions that may result in liabilities on the part of various banks. With growing cases of cyber crimes and cyber frauds, banks must take both IT Act, 2000 and these guidelines very seriously.

Banks must take a special care of ATM frauds, credit card frauds, online banking and Internet banking frauds, etc. Besides, phishing scams must also be taken care of by banks.

With the present guidelines, banks can no more ignore due diligence requirements that they have been ignoring for long. The earlier banks are prepared for cyber related issues the better it would be for them.

RBI Must Curb Online Banking Frauds In India

The recent decision of Reserve Bank of India (RBI) to prevent ATM frauds in India is a welcome step in the right direction. The next step that RBI must take is to strengthen the entire IT infrastructure for banking industry in India.

ATM is just one of the aspects of banking industry. Online banking and Internet banking is still to be made temper proof from cyber criminals. Another challenge is the weak and cyber criminal friendly cyber law of India.

The sole cyber law of India is incorporated in the information technology act, 2000 (IT Act 2000). The Act has made almost all the cyber crimes bailable. For instance, if a person cracks your e-mail account or online banking account, the courts have to release him on bail as a matter of right. He cannot be put in jail and he would go free even after committing the offence of cracking (read hacking) in India.

RBI would have great troubles in meeting this challenge because no matter howsoever effective steps it takes, cyber criminals have great incentives to commit cyber crimes against banking institutions in India, says Praveen Dalal, a Supreme Court Lawyer and leading techno legal expert of India. The banks must use “Techno Legal Solutions” on the one hand and spread “Public Awareness” on the other, suggests Dalal.

It is clear that RBI has to meet great challenges before Indian banking industry can be considered reasonably safe from cyber criminals.