Make Your Company HIPAA-HITECH Compliant

Train Your Employees for HIPAA Awareness ::Conduct HIPAA Compliance Audit

Click Here For Details



New Delhi on 11th September 2009  & Chennai on 28th August 2009


Recent Articles on ITA Amendment Act :   Copy of ITA 2008 : Comparison: ITA 2000 Vs ITA 2008  : Indian Information Security Framework-IISF 309


...For a Copy of the E Book on Digital Signatures, Click hereBing Blocks Sex related Search

Whitehouse unveils Cyber Security Plan

May 30: Yesterday, President Obama unveiled Cyber Security 2009, a plan of action to secure cyber space. ;Obama acknowledged that ;“We rely on the Internet to pay our bills, to bank, to shop, to file our taxes,” ..But we’ve had to learn a whole new vocabulary just to stay ahead of the cyber criminals who would do us harm – spyware and malware and spoofing and phishing and botnets. Millions of Americans have been victimized, their privacy violated, their identities stolen, their lives upended, and their wallets emptied.” Policy Document : Related Article 1 Related Article 2

E-Governance Fraud in US

May 30: A US $ 9 million Fraud has been reported in US where the employees of a Government department manipulated the tendering system to divert contracts to chosen vendors. This underscores the need for Information Security in e-Governance projects even in India. Details in Washington Post

Mysterious Virus brings down FBI Computers

May 30: Law enforcement computers in US were struck by a mystery computer virus last week, forcing the FBI  to shut down part of their networks as a precaution. An  FBI official confirmed that several other law enforcement agencies were experiencing similar issues and was working on the problem. Related Article in msnbc

Archiving as a Legal Compliance Requirement

May 28: Legal Compliance has become a necessary Information Security strategy for all IT companies following the recent changes in cyber law in several countries including India. Naavi has been in the forefront of suggesting "archiving" as a necessary IS initiative and pioneered the web service ceac.in over five years back. Though the industry in India is yet to fully appreciate the potential of this service and looked at commercial exploitation of the service, it appears that such a development is already in progress elsewhere. Recently Gartner has reported that a start up company in the SMB sector has garnered a significant 20% share in the market of e-mail archiving.

Related Article: SMBs like the way ArcMail Smells; Is 'Sniffing' the Next Big Thing in Email Archiving? : SMBs like the way ArcMail Smells; Is 'Sniffing' the Next Big Thing in Email Archiving?

Risk in Mobile Banking

In an interesting development that highlights insecurity in Mobile Banking, it is reported that Fraud investigators replicated an online banking scheme that involved using old Nokia 1100 mobile phones. Using software created by hackers, some of the phones are found to be capable of being  reprogrammed to receive another person's phone number and text messages. Under Mobile Banking transactions, some banks send one-time passwords that are needed to complete Internet banking transactions. A compromised phone gives bad guys access to this sensitive information. This hack also requires a person's online banking log-in information, but security researchers claim key-logging programs can easily garner these details. Unsurprisingly, criminals were willing to pay exorbitant amounts, such as US$7,567, for a used 1100 phone. Detailed Article

RBI should take note of this development before permitting mobile banking transactions. Bankers in India are also put on notice that unless they have adequate security measures, any introduction of mobile banking services will be considered a risk and should constitute lack of due diligence on the part of the Bank and selling of a defective service to the consumers.

Sec 69A comes under media scanner

The handling of the enormous powers that Sections 69,69A,and 69B of the ITA 2008  provide to designated Government officials has been a matter of concern and Naavi.org has been indicating that there is a need for a serious thought to be given on drafting "Safeguards" to prevent the abuse of powers. Though delayed, the media focus appears to be coming back to this sensitive issue with an article in TOI today commenting on the draft rules proposed under the Act. Refer: Govt gearing up to gag news websites

Naavi.org has already raised its concern with a call for a "National Netizen Rights Commission" or at least a "National Netizen's Rights Advisory Board". The proposed rules do provide for one or more "organization" to be notified to receive complaints, filter them and forward to the designated official for action. There is scope for an NGO or a private body to be designated as  such an "Organisation". The  action of the designated official can be reviewed by the "Review Committee" which will be a body of the secretaries.

We await to see if any NGO such as the "Digital Society Foundation" or a "Committee which includes  members from public" or "Bloggers Association" or "Web Publisher's Association" or  "Press Council" will get a say in the matter. Copy of draft rules

Privacy and information security compliant—hire a lawyer?

An article from examiner.com which makes an interesting reading. The essence of the article from Joe Campana who describes himself as an "Identity Theft Examiner" is as follows:

"An attorney is an important member of a business risk management team. However, the attorney is not likely going to be the privacy expert, the professional risk manager or the information security expert. Initiating privacy and information security best practices in the workplace by asking an attorney may not be prudent unless the attorney has specialized in that area of law.

When business management has an HR issue, the first stop is the HR professional; when it’s an insurance issue, it’s the insurance professional; and on matters of privacy, the first stop should be the privacy professional." 

Looks as if the situation in US is an exact reflection of what we see in India. .. Detailed article

Intelligence Agencies Warn BSNL against using of Chinese Modems

May 14: Intelligence Bureau and the Defense Ministry has advised BSNL not to buy equipments from Chinese Companies Huawei and ZTE as they are a security risk for the country. Defence ministry representatives,  were of the view that Huawei has been set up with the assistance of the Chinese army and has a tainted past in addition to being black-listed in US. Related Article in ET:

China Strengthens Cyber Law

It is reported that China has decided to strengthen its Cyber Laws with changes in Cyber Crime Law passed in February 2009. Details in PCworld

A Business Case for Information Security

May 12: Addressing the conference at IIM A on "Information Secuirty as a New Business Paradigm", at the two day International Conference on Security and Identity Management (SIM-09) at Ahmedabad, Naavi highlighted that a time has come to consider "Information Security" to be considered as a potential business opportunity by entrepreneurs. An abstract of the talk

International Conference on Security and Identity Management-IIMA

May 11:  A two day International seminar on Security and Identity Management (SIM-09) got on way at Ahmedabad. Organized jointly by IIM Ahmedabad (IIMA)  and the Research Council of UK (RCUK) the seminar explores the latest trends in approach to Security, Technological developments, Regulatory aspects and Business implications. The Mayor of Ahmedabad, the Dean of IIMA particpated in the inauguration. Dr Henry Bloomfeld, Professor of UK delivered the key note address. Naavi will be delivering a talk on Information Security as a new business paradigm during the conference. A report

Can a Consumer Dispute be a subject for DRT?

An interesting incident has been reported to Naavi.org which requires a debate. This is a case of a Bank customer who sent one foreign cheque for collection through a public sector Bank in India and received credit after 21 days. He proceeded to use the funds and ship a consignment to Uganda. After 4 months the Bank reversed the credit and demanded repayment of money stating that their correspondent Bank has now found that the cheque was not realizable. The Bank has invoked DRT and claiming the amount as a "Debt". The complete details are available at  http://www.bloggernews.net/120758

Views from experts are welcome.

Cyber Crime Convictions in India

According to a news report in Tmcnet.com, so far four Cyber Crime cases have been convicted in India. This includes the first case which was Suhas Katti case in Tamil Nadu and another case reportedly in Kerala for morphing. Two other cases cited in this report are convictions under IPC. We may add the Dr Prakash case in Tamil Nadu where part of the conviction was based on Section 67 of ITA 2000. Report in Tmcnet.com

 

PR Syndicate honours 'Cyber Law Guru of India', Na.Vijayashankar

PR Syndicate, (an organization of Corporate PR Professionals in Chennai,)  celebrated its First Anniversary on 20th January 2007 at Russian Cultural Centre. On the occasion, "Award of Excellence in Public Life"  was presented to 'Cyber Law Guru of India' Na.Vijayashankar...More

Naavi's latest book "Cyber Laws Demystified" was soft launched at the Nimhans Convention Center during the Indian Police Congress. The book is a comprehensive coverage on Cyber Laws both ITA-2000 as well as IPR and other issues.

Structured into 24 chapters it also covers the proposed amendments to ITA-2000 in detail as an appendix. A copy of the Information Technology Act 2000 is also appended to the book.

The book also has several individual chapters on the legal issues of Cyber Banking, Cyber Advertising, Cyber Taxation and Cyber Terrorism.

The book is priced at Rs 750/-.

 For Enquiries and Bulk orders  click here. :

For online Purchase, Click Here

  What is Naavi.org?

Naavi.org is India's premier portal on Cyber Law. It is not only an information portal containing information on several aspects concerning Information Technology Law in India but also represents the focal point of several services around Cyber Law carried on by Naavi.

The first such service is the Cyber Law College a virtual Cyber Law education center in India which provides various courses on Cyber Law.

The second key service is the Cyber Evidence Archival center which provides a key service to help administration of   justice in Cyber Crime cases.

The third key service is the domain name look-alikes dispute resolution service which provides a unique solution for websites with similar looking domain names to co exist.

The fourth key service is the online mediation and arbitration service another unique global service.

The fifth key service is the CyLawCom service which represents the Cyber Law Compliance related education, audit and implementation assistance service.

Additionally, Naavi.org is in the process of development of four sub organizations namely the Digital Society Foundation, Naavi.net, International Cyber Law Research Center and Cyber Crime Complaints and Resolution Assistance Center. Digital Society Foundation is a Trust formed with the objective of representing the voice of Netizens in various fora and work like an NGO to protect their interests. Naavi.net is meant to develop a collaborative distributed network of LPO consultants. International Cyber Law Research Center would support research in Cyber Laws and Cyber Crime Complaints and Resolution Assistance Center would try to provide some support to victims of Cyber Crimes.

Together, Naavi.org represents a "Cyber Law Vision" that goes beyond being a mere portal. Started in 1997, when the concept of Cyber Law was new across the globe, consistent efforts over the last decade has brought Naavi.org to the beginning of "Phase 2" in which the services are ready to reach out to a larger section. This is recognized as the phase of collaborations and growth by association. Naavi.org will therefore be entering into a series of associations to develop each dimension of its vision with an appropriate partner. Individuals, Organizations and Commercial houses which have synergistic relationship with the activities of Naavi.org are welcome to join hands in commercial and non commercial projects of Naavi.org.

Naavi


Add Your Comments Here


If you would like to know  more about Naavi, the information is available here.

For Any Payments to be made to Naavi online :  Naavi_s Payment Center

[Valid RSS]

RSS Subscription

BLOG POSTS


E-MAIL 


Cyber Law College
........The Other name for Cyber Law Education in India
[Download Brochure]

***