Naavi.org

Following is an copy of the email sent to the RBI Governor today

To

The Governor
RBI
Mumbai

Dear Sir

Mr Yashasvi Yadav, an IPS officer in Maharashtra has published a very informative article on Darknet in TOI. The article  is available here.

The essence of the article is that “Dark Net” and “Dark Web” are posing a mortal risk to the society and needs to be fire walled.

Many technologists will immediately jump in to say that “Technology” and “Innovation” cannot be curbed. It needs to be promoted. The same argument  is being made for promoting Private sector crypto currencies which had led to our Finance Minister providing a sense of recognition through Crypto Tax proposal.

As Mr Yadav has indicated, there are many journalists and non criminals who are also browsing the dark net through Tor browser. This is the classic case of good people supporting the bad people for their own selfish reasons.

We must understand that Darknet and Crypto currencies are bad and any form of support must be avoided.

Mr Yadav suggests that we need to ban Tor browser and block all Tor traffic.

I fully endorse this suggestion along with the banning of all private crypto currencies so that the fuel that runs the darknet is dried up.

While Mr Yadav as a representative of the law enforcement  has expressed his views clearly and flagged the risk of technology, it is unfortunate that the Finance Minister through her budgetary proposal on Crypto currencies is working on strengthening the hands of the criminals by legitimizing the currency of the criminals. Her proposal to bring  Crypto currencies under the tax bracket and whitewash it as “Digital Assets” and simultaneously withdrawing the bill on “Banning of Crypto currencies”, is a big boost to the dark net activities.

The finance minister is trying to hoodwink the public by saying that she is generating tax revenue for the Government by taxing the Crypto transactions and has not recognized Private Crypto currencies. She has also effectively tricked even the Prime Minister Mr Modi to give a statement that the budgetary proposal on Crypto including the proposal for Digital Rupee will be an impetus to the  economy.

This is far from the truth.

The budgetary proposal on Crypto taxes will destroy the country and the Digital Rupee proposal is only a fig leaf to cover the criminal nature of private crypto currencies. The Digital Rupee server will be prone to a serious security risk and criminals will be able to directly hack into the server and issue any amount of fake Digital Rupee to render the system infructuous in no time.

As it is, the Darknet is a threat to the country. But the FM is adding further strength to the dark net through her proposal.

Will Mrs Nirmala Sitharaman wake up from her slumber?

If Mrs Nirmala Sitharaman goes through the proposal to recognize Crypto Currencies without banning of the Crypto Currencies, she should be given a special recognition for having destroyed the legacy currency system in India and causing the death of the world economic order.

Naavi

P.S: While the country is debating on the Hijab Controversy, professionals are refraining from joining the debate because any discussion could be mis-construed as “Political” or “Religious”. However, since the controversy is being debated in the Courts on the basis of the provisions of Indian Constitution, if the professionals remain outside the debate, they will fail to put across their views when it is required.  Hence this small piece.

Hijab Vs Uniform

The Hijab Controversy in Karnataka has now reached the Courts. If the Courts want,  the immediate controversy of “Hijab” in schools can be settled quickly as a need to keep religion out of the education institutions and making uniforms mandatory to ensure a sense of equality of students in a student group.

However, if the Courts want to allow the controversy to be taken to a debate of “Right to Practice Religion”, they will be opening a pandora’s box.

This should be avoided.

Right to Hijab Vs Right to Privacy

However, we should debate the  controversy from a professional perspective and pick up the thread whether the “Right to Hijab” is connected with the “Right to Privacy” as being argued in the Courts.

As we know, “Right to Privacy” was not defined in the KS Puttaswamy Judgement and it stopped at saying that Right to Privacy is part of the Right to life and liberty under constitution (Article 21) and like other fundamental rights is subject to reasonable restrictions to protect other rights of the third parties.

Justice Chelmeshwar went on an argument that Right to privacy includes what we eat, where we go etc., but Justice Chandrachud was clear that “Right to Privacy” is understood as the “Right to be left alone” and it is a mental state of a person to “Feel that he is left alone”. The judgement subsequently focussed more on “Information Privacy” which was the “Right to exercise a choice of how an individual’s personal information can be used by the society”. This was however subject to the “Reasonable Exceptions”.

Right to privacy is not a “Right to anonymity” where one would like to hide his/her identity and interact with other members of the society. It is unacceptable that a person will say I will enter into a transaction with you but I would not like to reveal my identity. This leads to the situation where the right of privacy of one person affects the right to security of another person.

The first level of trust in  human interactions starts with the identity of the other person. Identity is declared by the persons by saying “I am so and so”. But this spoken word is re-inforced by the two people seeing each other, so that there is a “Facial Recognition”.

Any method by which a person will put a veil on his face defeats the requirement of two transacting persons identifying each other and develop “Trust” for conducting a transaction.

A “Transaction” is not always a transaction of “Sexual intentions” and the Court cannot uphold the principle that when a man sees a women, it is always with a bad intention. If this is the basis of Hijab then Courts have to come down heavily against this “Deemed” perception even if it is written down in religious texts.

“Facial Identity” is the essence of building trust and the full body burqa covering the face is therefore not acceptable for a person when interacting with the public. It ceases to be a freedom of choice to dress as it impacts the other persons in the society.

Since Right to Privacy cannot be considered as “Right to hide identity”,  there appears to be no fundamental right to hide identity while trying to involve another person in a transaction. To the extent the head to toe coverage can hide criminals in public place, it is a security concern and hence the head to toe coverage has a public security issue.

Hence any Hijab that covers the face should be considered as unacceptable to the society.

Short Hijab Vs the Burqa

The short hijab covering parts of the hair and chest is different as it does not affect the facial identity.

The short hijab however will continue to be treated as display of religious identity and if this is allowed against the concept of “Uniform” then the Court will have to also allow “Saffron Shawls” or “Saffron headgear” to be worn by others.

It is difficult to see how the Courts can uphold the right to hijab without holding the right to Safforn shawls and hence the decision of the Court in this direction would only take the controversy to higher levels of division of the society and will be a law and order issue.

Hindu Woman vs Muslim Woman

I would like the Court to remember that if they uphold Hijab for this religious consideration that it is meant to protect the modesty of women, it should extend it to even the Hindu women also. It will be illogical to say that protection of the modesty is required only for Muslim women and not Hindu women.

Court Dress Code

If the court is inclined to take a decision to uphold the hijab as a religious right but denounce the Saffron shawl as a Hindutva mischief then it would be an unfortunate decision.

In that case, a question should be asked if the Court is prepared to change the dress code in Courts  and allow all women lawyers and judges cover their faces so that evil eyes cannot fall on them…or  at least allow Muslim women lawyers and Judges to come in burqas to the Court.

I wish the Courts will take the right decision without being hypocritical or religiously diplomatic.

Naavi

With due respects as a person to Mrs Nirmala Sitharaman, I would like to draw her attention to the working of private crypto currencies and why not banning them is a big mistake.

I am worried that she is making statements as if she has not done anything wrong and only taxed Crypto transactions without recognizing them. The whole world believes differently and Madam, you are the lone person who is clutching to this idea that taxation of an asset does not provide any legitimacy. I am sure that even Courts will not agree with your view when referred.

To understand why traditional Bankers like us consider Private Crypto Currencies as the death knell for the legacy Banking system is that they are basically created with the objective of killing all Banks. Hence “Anonymity” is the basis of such cryptos. We can keep referring to Bitcoin as a representation of such private cryptos. Since all these private crypto currencies are fungible, it is immaterial if a person acquires Bitcoin or Ripple or Monero or Ethereum. All are currencies which can be used for transactions across the world in replacement of dollars or other legacy currencies.

The Digital Rupee will not fall into this category since it does not provide anonymity and hence it is not going to attract any investment from the current Crypto investors. According to one estimate there is a holding of about Rs 30,000/- crores in Bitcoins etc in India with about 50 lakh investors. The figure may actually be much more since all political parties must be having their own stock of bitcoins as part of their digital black wealth.

Please understand that Bitcoin wallets can be opened outside India just like opening an email account in Yahoo or Gmail. Only if the wallet account is opened in India with the Indian exchanges, there could be a question of KYC. Otherwise there is no KYC. One can always provide an anonymous email and anonymous mobile number to open a bitcoin wallet account.

I request you to contact some honest techie adviser to know if this is possible or not.

Once a wallet account is opened, there are various ways of using it if required with onion routing or garlic routing to make it impossible for any law enforcement agency to trace the transactions.

Please check with a reliable techie advisor if this is true.

Donot believe the version of those who have made you believe that Bitcoin is not recognized, Bitcoin is a technology to be retained and supporting bitcoin will lead to a boom in tax collection etc.

There is a need for you to understand that once the crypto currency is legitimized, there will be many service providers who will hand hold investors to get accounts opened outside India and send all their wealth to the foreign wallet accounts. They can be brought in to India when required or kept outside. There will be flight of capital and money laundering through these accounts. Some of these will be sleeping cells of terrorists. With the use of “Ripple” network even the international transactions will be routed outside the international central banking system. This will encourage exporters to park their earnings outside India.

You donot have to take my word for all this. Please consult your techie friends and get the confirmation.

However at any point in future donot pretend that you were not aware of these intricacies.

I hope you will take my advice to understand how Bitcoins can be used for money laundering and why your taxation proposal will not be able to prevent this.

Naavi

Indian Physicists at Raman Research Institute and ISRO have demonstrated the quantum computer principle of “Entanglement” for the first time in India.

Report in DH: Report in ET:  Report in BS:

It had been reported by DH in 2021 that a research team in Raman Research Institute, Bangalore had been able to achieve a communication  using Quantum Entanglement where data such as a “Cryptographic Key” could be safely transmitted in such a manner that no person can interfere with the communication.

Now it is reported that last week that the technology has been further tested by ISRO at the Physical Research Laboratory, Ahmedabad.

Essentially, “Entanglement” is a property exhibited at the level of atoms and molecules where two particles at a physical distance can be paired in such a manner that if the spin status of one of them is changed, the other gets automatically changed.

Accordingly, if there exists a paired set of Quantum Bits, (Qbit), then programming one set into a Crypto graphic key will automatically set the other pair to the same status. In other words, the information gets transmitted without the digital information flowing from one computer to another through some kind of a network. This is like a “Deemed Transmission” of data.

(This description is slightly different from what has been explained in the news reports.)

According to  the ISRO press release 

“On 27 January 2022, scientists from the two premier laboratories of Department of Space (DOS), viz. Space Applications Centre (SAC) and Physical Research Laboratory (PRL), both from the city of Ahmedabad, have jointly demonstrated quantum entanglement based real time Quantum Key Distribution (QKD) over 300m atmospheric channel along with quantum-secure text, image transmission and quantum-assisted two-way video calling. The demonstration was conducted at SAC, Ahmedabad, between two buildings separated by a distance of 300 m. “

It is known that China has earlier announced that it might have achieved the transmission of such data across a longer distance of 12 Kms. However this achievement of the Indian scientists is a land mark achievement.

We have discussed Quantum Computing on this site earlier and some of the articles are available here.

The Vast and Far Reaching Applications of Quantum Computing
In the wonderland of Quantum Cyber Law, Physics is part of Law specialization
Preparing for Security disruption through Quantum Computing

Search result

The concept of “Super positioning” and “Entanglement” are two interesting properties demonstrated by Quantum Computing technology that has the ability to bring a large scale disruption to the way we manage security of information. 

We hope that Indian scientists will continue to record more achievements in this regard.

Naavi

Related Article on Quantum Computing

Another article on entanglement

One of the consequences of the Data Protection Act and the potential risk of penalty of 4% of total worldwide turnover for non compliance is that Data Fiduciaries are focussed more on the “Compliance” as per the written law.

It is true that the Data Protection Law (DPA 2021 or GDPR) is basically a law formulated to protect the “Privacy” of individuals. The compliance provisions are only a tool to achieve this Privacy protection when the personal data is in the form of “Electronic Information”.

“Privacy” in its pure sense is a state of mind of an individual and is dynamic. It will change from person to person and from time to time in the same person. Hence a “law” written down and enforced as a rule cannot protect “Privacy”.

The way out of this impossibility is to look not at the need to protect “Privacy” but to protect only “Information Privacy”.  Further the protection of “Privacy” is simplified as protecting the choices made and expressed by the data principal about what information related to himself/herself may be collected by another person and how it can be used.

The law makers themselves have accepted the impossibility of defining “Privacy” and  hence the data protection law tries to address only the way the personal data may be protected while in electronic form.

Considering this philosophy that “Privacy Protection is not possible but protection of the choice of a data principal of how some pieces of data may be used”, “Privacy Protection” as a concept has moved over to a concept of “Personal Data Protection”.

As a result, the “Privacy Policy” which is expected to describe the “Privacy Constitution” of an organization should accept its limitations and transform itself to a “Personal Data Protection Policy”. An organization can therefore commit only to a “Personal Data Protection Policy” and not to a “Privacy Protection Policy”.

Unfortunately, today organizations develop documents called the “Privacy Policy” and profess that they are committed to the protection of the Right to Privacy. This is not a valid commitment which can be put in practice except by empty words.

These privacy policies need to be re-defined and transformed as “Personal Data Protection Policies”.

The Complication of DPA 2021

The Indian DPA 2021 has complicated the issue further by calling the Act as “Data Protection Act” and not “Personal Data Protection Act”. As a result it is trying to assume a larger  role to “Protect” both “Personal Data” and “Non Personal Data”.

Protection of personal data is related to “Privacy Protection”. But protection of “Non Personal Data” is not related to “Privacy Protection”. It is related to maintenance of law and order and prevention of Crimes, protecting the rights of the owners of non personal data against being inflicted with wrongful loss.

In view of this, the transformation of an organization from adopting  a “Privacy Policy” to adoption of  ” Personal Data Protection Policy”  or a “Data Protection Policy” needs to be carefully structured.

The objective clause of this “Data Protection Policy” (DPP) should perhaps be defined as

“To manage personal data in accordance with the DPA 2021 and to manage the Non personal data in accordance with ITA 2000 “

This definition requires compliance of two laws simultaneously and substantially enlarges the scope of the Data Protection Policy.

It may be more practical for some organizations to split the DPP into a  “Limited Data protection Policy” (LDPP) and continue with their current practices for compliance of ITA 2000.

In this context, LDPP can be defined as

“Managing personal data and non personal data in accordance with the DPA 2021”.

Modifications in PDPSI

Naavi and FDPPI had promoted a comprehensive framework called PDPSI for compliance of the earlier version of the Personal Data protection law in India. This requires upgradation consequent to the changes proposed by the JPC.

It is therefore necessary to consider upgradation of the PDPSI into DPSI or Data Protection Standard of India, where the earlier recommendations of PDPSI would continue to be relevant and the minor changes that may be introduced by the Data Protection Authority of India under Section 25 (Non Personal Data Breach notification) would be integrated in the fine tuning of the 50 implementation specifications.

The Data Fiduciaries may implement the LDPP and remain in compliance with the DPA 2021.

The distinction between LDPP and DPP would be that LDPP would cover the requirements of DPA 2021 related to personal data and non personal data. DPP will however include the complete compliance of ITA 2000 along with DPA 2021.

The data fiduciaries will however have the option to extend the implementation to not only a full fledged compliance of ITA 2000 but also for compliance of other international laws such as GDPR.

It is to be specifically mentioned that “Extension of DPSI to ITA 2000 or GDPR” does not mean over lapping of multiple regulations. Each regulation by law is applicable to one type of data and hence there is no over lapping of provisions.

For example all personal data requirements in India will be governed under DPA 2021. What is not covered under DPA 2021 including the Non Personal Data related regulations will be covered under IAT 2000.

Personal data which is under the scope of GDPR will be covered under GDPR and this will not include personal data covered under DPA 2021. Similarly, data covered under CCPA will not clash with either GDPR or DPA 2021 or data covered under DIFC-DPL will not clash with GDPR or CCPA or DPA 2021.

These differences will be addressed through the “Data Classification Policy” which will segregate the data under the control of a Data Fiduciary based on applicable laws.

More clarifications will be issued in this regard in due course when the law is finally passed.

Naavi