Let's Build a Responsible Cyber Society
[15th Year in service of Netizens]

 
 
Naavi's Payment
Center
USD-INR Rate

 

Contact Address
E-Mail

 

About Us

Consultancy

Affiliation
 

Trademarks

Privacy Policy, Editorial Policy & Disclaimer

 

Business Enquiries

Advertising

 


 


Search Naavi.org

 

Deep Links

ITA 2008

ITA-2000
ITA 2000- Rules
Amendments
Articles

Archived News

Services

Arbitration

Cyber Evidence Archival Center

Cyber-Notice

Verify4loolalikes

HIPAA_India

Legal BPO

 

Education

Cyber Law College

CyLawCom

 

Other Naavi Sites

Kannada site

Information Assurance

 

Reference Sites

LII of India

Legal Information

Cyberlaw Stanford

Cyberlaw.org.uk

Law & Tech Blog

Spreadlaw

 

Cyberlawcases.com

Cyber Frauds

Cyber Crime Cases

Cyber Crime cases2

CDAC-info

Bank Frauds Forum

 

Consumer Forum

Consumer Forum-2

RTI-CIC

DSCI

GIGA

 

Safe surfing

onguardonline

bangalorecss

esafeindia

alertindian

 

Arbor Reports-India

 

CAT Website

List of AOs

Bangalorecss
WSIS
 

Misc Naavi Initiatives

Naavi Cricket Rating

 
 

 

 

Cyber Law Forum


[Valid RSS]

 



"This website is the Wikipedia of Indian Cyber Laws".. A Visitor's remark


Total Information Assurance.. a new concept from Naavi



 
 
Naavi.org  is now appearing in a new design which is considered more functional. The new word press supported design is maintained from 12.12.12. Content posted earlier will be available through this home page http://www.naavi.org/index1.html.

The search facility for post 12/12/12 is covered by the word press. The search for the earlier post is now provided by http://www.jrank.org/ (indexing may start after a few days)

SEARCH HERE

Site Search

Site Search

 

New Versions of Naavi's E books Available in PDF format at affordable prices


Virtual Key Board unsafe under IE

Dec 13: A vulnerability in Internet Explorer is said to make it possible for a hacker to track the mouse cursor movements on the screen. This would make the "Virtual key board" system used by some Banks for password entry useless. At present the vulnerability is identified for IE and many would use other browsers. However some sites  are compatible only with IE and force users to use IE. In such cases vicarious liabilities may attach on the site for inadequate security. Related Article

FIR Filed Against Airtel CMD

Dec 12: Naavi has long been complaining that Airtel is practicing unethical practices for over charging its customers including placement of fraudulent transactions in the customer's mobile and data usage accounts which amount to offences under ITA 2008. It is therefore no surprise to learn that an FIR has been filed against Airtel for extortion and threatening of one of the clients in Bangalore who has been allegedly wrongly billed for Rs 50000/-. Report

Suspected Fraud-Make My Trip Credit Card offer

Dec 8: Today I received a telephone call from 040-40502373 in the name of Make My Trip with an offer for a special HSBC Platinum credit card with two free air tickets. The offer was too good to be rejected. However when the caller wanted to know my Date of Birth and PAN Card number before proceeding further, it appeared that this was a suspected Identity stealing attempt. I am trying to get more details and a confirmation. In the meantime in order to keep public informed, I am posting this information here. I request public not to reveal sensitive personal information such as the DOB and PAN Card number to unknown persons as it may be involving a identity theft risk.

How the OTP system for Bank transactions is bypassed

Dec 7: The commercial banks in India have banked heavily on the two factor system where the OTP sent through a mobile is used to authenticate the password based access. Some Banks like SBI and ICICI Bank even tried to convince the RBI that this two factor authentication should be given a legal sanction. Now this case study explains how the new variants of Zeus Virus is used to defeat the two factor authentication with the use of a mobile.  Named as "Eurograbber" this virus is reported to have been used for defrauding over 30000 bank customers across EU to the tune of around 36 million Euros. This also represents the risk that Indian Banks are facing. It is anybody's guess if the Indian Banking system can survive such an attack. If such a damage occurs, Indian economy will be in shambles not withstanding any of the other efforts of the GOI.  Case Study


PWC Survey on Security preparedness

Dec7: PWC has released the findings of its "The State of Information Security survey-2013" indicating that there is an increasing interest and budget allocations for Information security in the Indian companies. Report

Centralized IMEI data base to go on trial in a month

Dec 5: In a measure that could put a break on Mobile thefts, Government of India has approved a trial running of a centralized IMEI data base in India. This would enable tracking of stolen mobiles and make it difficult for sellers of stolen mobiles to find buyers. Report

Cyber Fraud Survey in India by KPMG

Dec 5: KPMG has released a Cyber Fraud survey amongst business units which is a useful document of record. Called the Fraud Survey 2012, it identified Cyber crime, IP fraud, Identity theft as frauds of the future and concluded that "Indian Firms ill-equipped to mitigate fraud". It identified that 70% of companies had no effective mechanism to tackle frauds. It also said that 38% of respondents had experienced cyber crimes but 78% were unaware of the risks. 40% did not have policies for access to web. Details

"Photo Sync" from Facebook-A New Threat to Privacy

Dec 4: Facebook has introduced a new feature called "Photo Sync" for mobile users which is likely to be a new threat to privacy to casual users. If enabled, the feature will automatically upload the photographs from the mobile to Face book. Though initially it is not shared, it will get into Facebook and may eventually be either shared with some unsuspecting click or otherwise be available for Facebook hackers. What is worrying is that a person's photograph may be uploaded if it is captured by another person in his mobile and if and when it is deleted on placement of a complaint from the mobile it may still be available in the Facebook. Users of Android.iphones are advised to ensure that this feature is deactivated. Details : ಫ಼ೇಸ್ಬುಕ್ಕ್ ಇಂದ ಮತ್ತೊಂದು ಹೊಸ ಆತಂಕ

GOI to file Reply on CAT Chairperson appointment in Karnataka High Court

Dec 3: The PIL regarding the non appointment of the Chair person for Cyber Appellate Tribunal (CAT), in New Delhi was heard in Karnataka High Court today. The PIL filed by an advocate Sri Chaitanya has alleged that the non appointment of a chair person to CAT has placed several Bank fraud victims at a disadvantage since their cases are held up without judicial scrutiny since June 2011 and requested the Judiciary to direct the Government to take necessary action. The counsel for the GOI has requested for 6 week's time for filing the reply from the Government side.
Julian Assange on Internet Freedom

Dec 3: Wikileaks Founder Julian Assange speaks of how an infrastructure for total control of Internet is already in place and is beig also used partially. ... Details




PATCO Case: Bank's Liability for Frauds

Dec 3: Naavi has been personally fighting several Bank fraud cases on behalf of victim customers. This struggle has been temporarily blocked because the Government of India has failed to appoint the chairperson for Cyber Appellate Tribunal (CAT) since June 2011 when the previous chairperson retired. Naavi believes that the delay is caused by some of the influential Banks who donot want a progress in the cases pending against them and are in the meantime trying to convince the Reserve Bank of India to change the regulations to their liking to manipulate the environment in their favour. Much to the disappointment of these Banks, RBI actually has so far refused to dilute the security prescriptions as desired by the influential Banks though the MCIT appears to be more flexible to amend laws to make it adverse to Bank customers.

In this context it is interesting to observe that the case of Ocean Bank (now called People's union) Vs PATCO has after a see saw battle landed in favour of the customer.

District Court ruling in faviour of the Bank: In June 2011, a US Districit Court had ruled in favour of the Bank holding it as not liable for the fraud which occured with the use of a key logger trojan. It had ruled that the security system adopted by the Bank in the form of log in ID and password was not deficient and met the contractual agreement between the bank and customer. In the process the court had disagreed with the earlier decision of another court int he Experi-Mental Vs Commercia case.

Reversal of the first ruling: :Here (on July 3, 2012)  the federal appeal court reversed the earlier District Court ruling holding that the Password based system was "Commercially Unreasonable". Copy of order

Settlement: The Bank finally settled with the customer and reimbursed the loss of Us$ 345,000/- after the customer agreed to drop claim for expenses and other collateral claims.

This has finally brought the curtains down on an interesting battle which will be a guide even in the Indian scenario.

Compliance of Section 43A in a Corporate Environment

Dec 2:  Here is a brief guideline which companies may try to folllow to work towards compliance of Sec 43A-ITA 2008  requirements as a part of their Information Assurance Plan. ...Details
TELCOs are responsible to counter Chinese Threat

Dec 2: An US intelliegence report recently advised that "American companies and its government should avoid doing business with China's two leading technology firms, Huawei and ZTE, because they pose a national security threat to the US". Copy of the report

After considering this report, the GOI has placed the responsibilities of countering the reported security threats arising from the Chinese telecom supplies entirely on the companies themselves.

In a press release issued by the Government, it is stated that ..."it is mandated that Telecom Service Providers are responsible for the security of their network. It is also mandated that only those network elements shall be inducted into their Telecom Network, which have been tested as per relevant contemporary Indian or International Security Standards e.g. IT and IT related elements against ISO/IEC 15408 standards, for Information Security Management System against ISO 27000 series Standards, Telecom and Telecom related elements against 3GP, 3GPP2 security standards etc from any international agency/ labs of the standards e.g. Common Criteria Labs in case of ISO/IEC 15408 standards until 31st March 2013. From 1st April 2013 the certification shall be got done only from authorized and certified agencies/labs in India. The copies of test results and test certificates shall be kept by the licensee for a period of 10 years from the date of procurement of equipment, which can be audited / demanded any time during this span, by the licensor."

Ref: Press Release

CRAC Meeting Official Press Release

Dec 2: The meeting of the Cyber Regulations Advisory Committee held on November 29, 2012 was a historic event since it was the first time that the committee met since ITA 2000 came into effect. According to the act, CRAC deliberation is mandatory for any amendments to the Act. However there was no public knowledge of any such meeting having been held when the ITA 2000 was amended in 2008 and Naavi.org has even commented that the amendment process for ITA 2008 was faulty. In this context the current meeting held in the aftermath of the Palghar arrests under Section 66A was significant. The press release issued after the meeting records that " a suitable clarification in the form of guidelines in this regard be issued by the Government to States and Union Territories to clarify the intent and enable uniform implementation across the country. A consensus on the content of the draft guidelines was also arrived at."  Press Release

Further information available in the press only indicates that the States have been advised that action under Section 66A may be taken only by a police officer of a higher rank as indicated in the earlier report

UK Twitter Joke Case on Appeal

Dec 1: Paul Chamber case in UK which has been wrongly quoted some times in India in the Karti Chidambaram case has been referred back to Court in UK. During snowy weather, Doncaster's Robin Hood airport had closed, threatening to derail Chambers' plans to fly to Belfast to meet Sarah Tonner, a woman he had met on Twitter. He tweeted on the publicly accessible feed: "Crap! Robin Hood airport is closed. You've got a week and a bit to get your shit together otherwise I'm blowing the airport sky high!!. The Court debated the issue of  "Grossly Offensive" in the judgement. The Indian case was moe on the fact of whether "Tweet" is a "Message" or "Publishing". Sec 6A applies to "Messages" while Section 67 applies of "Publishing" and hence this distinction becomes relevant in India. Report

For Articles of Earlier Date Browse through Archives


 

PR Syndicate honours 'Cyber Law Guru of India', Na.Vijayashankar

PR Syndicate, (an organization of Corporate PR Professionals in Chennai,)  celebrated its First Anniversary on 20th January 2007 at Russian Cultural Centre. On the occasion, "Award of Excellence in Public Life"  was presented to 'Cyber Law Guru of India' Na.Vijayashankar...More

 

  What is Naavi.org?

Naavi.org is India's premier portal on Cyber Law. It is not only an information portal containing information on several aspects concerning Information Technology Law in India but also represents the focal point of several services around Cyber Law carried on by Naavi.

The first such service is the Cyber Law College a virtual Cyber Law education center in India which provides various courses on Cyber Law.

The second key service is the Cyber Evidence Archival center which provides a key service to help administration of   justice in Cyber Crime cases.

The third key service is the domain name look-alikes dispute resolution service which provides a unique solution for websites with similar looking domain names to co exist.

The fourth key service is the online mediation and arbitration service another unique global service.

The fifth key service is the CyLawCom service which represents the Cyber Law Compliance related education, audit and implementation assistance service.

Additionally, Naavi.org is in the process of development of four sub organizations namely the Digital Society Foundation, Naavi.net, International Cyber Law Research Center and Cyber Crime Complaints and Resolution Assistance Center. Digital Society Foundation is a Trust formed with the objective of representing the voice of Netizens in various fora and work like an NGO to protect their interests. Naavi.net is meant to develop a collaborative distributed network of LPO consultants. International Cyber Law Research Center would support research in Cyber Laws and Cyber Crime Complaints and Resolution Assistance Center would try to provide some support to victims of Cyber Crimes.

Together, Naavi.org represents a "Cyber Law Vision" that goes beyond being a mere portal. Started in 1997, when the concept of Cyber Law was new across the globe, consistent efforts over the last decade has brought Naavi.org to the beginning of "Phase 2" in which the services are ready to reach out to a larger section. This is recognized as the phase of collaborations and growth by association. Naavi.org will therefore be entering into a series of associations to develop each dimension of its vision with an appropriate partner. Individuals, Organizations and Commercial houses which have synergistic relationship with the activities of Naavi.org are welcome to join hands in commercial and non commercial projects of Naavi.org.

Naavi



If you would like to know  more about Naavi, the information is available here.

For Any Payments to be made to Naavi online :  Naavi_s Payment Center

Posts in Bloggernews.net


RSS Subscription


E-MAIL 



***

 


Naavi

E-MAIL

 

Deep Links

ITA 2008

ITA-2000
ITA 2000- Rules
Amendments
Articles

Archived News

Services

Arbitration

Cyber Evidence Archival Center

Cyber-Notice

Verify4loolalikes

HIPAA_India

Legal BPO

 

Other Naavi Sites

Kannada site

Information Assurance

 

Education

Cyber Law College

CyLawCom

 

Reference Sites

LII of India

Legal Information

Cyberlaw Stanford

Cyberlaw.org.uk

Law & Tech Blog

Spreadlaw

 

Cyberlawcases.com

Cyber Frauds

Cyber Crime Cases

Cyber Crime cases2

CDAC-info

Bank Frauds Forum

 

Consumer Forum

Consumer Forum-2

RTI-CIC

DSCI

GIGA

 

Safe surfing

onguardonline

 

esafeindia

alertindian

 

Arbor Reports-India

 

CAT Website

List of AOs

Bangalorecss
 
 

Misc Naavi Initiatives

Naavi Cricket Rating

 
 

 

 

Personal Links

Daily News

General
IT
Cricket
 
Daily Horoscope
.

*