FedEx courier Fraud

In recent times several frauds involving extortion of money by threatening a person that a parcel containing contraband items in his name has been seized by police and action is imminent on the individual. They then offer to help and in the process extort money through various means as explained in the above video.

I urge the Police to take action against the intermediaries namely the Banks and the SIM card issuers as facilitators of this kind of a crime.

Bangalore police seem to have disabled more than 15000 SIM cards in such complaints which is very commendable.

This action needs to be done across the country and Banks in villages like Jamtara who make this a profession must be closed if necessary.

Naavi

Posted in Cyber Law | Leave a comment

Posted in Cyber Law | Leave a comment

Get Ready to be a Certified DPO and Data Auditor from FDPPI/Cyber Law College

Naavi’s Cyber Law College has just completed the first batch of CDPP-Module I as a 4 day week twelve hour program. The program is a one of its kind program which combined Privacy and Data Protection from DPDPA 2023 as well as ITA 2000.

A new module on Audit called Module A will start in October towards the third week as a week end program (3 hours per day probably for a total of 12 hours). This will again be one of its kind program which will cover different frameworks including ISO 27701, BIS’s Adequacy of Data Governance and Management Standard and the FDPPI’s Data Governance and Protection Standard of India (DGPSI).

For those of you who missed the last Module I, and have to go through Module G before they take up Module A to complete the three parts leading to C.DPO.DA, which will be a coveted certification with registration in the Indian National Register of DPOs and membership of FDPPI, we are leaving another month before we start Module A.

Those who are interested should immediately start taking the course on Recorded mode and use the mentoring sessions in between as and when required where they can interact with our faculty.

Opportunities fly past, One has to be alert to catch them before they pass by….

Naavi

Posted in Cyber Law | Leave a comment

Personal Data Processed by Automobile Pollution Control Certification Agents

Yesterday I took my vehicle for a Pollution control certificate to one agent X. I had not used him on earlier occasions and had been getting such certificates with others.

The moment he read my number plate on the computer, he quoted my name and mobile number.

This means that the vehicle number is in the data base along with the owner’s name and mobile number and accessible by all such PUC agents in every petrol bunk. The same data should be available to toll gates and any other CCTV camera that scans the vehicle number plate.

I agree that it can be processed for any law enforcement purpose.

However there is a need to ponder whether consequent to DPDPA 2023, the PUC agents are to be considered as “Data Fiduciaries” and certain obligations are to be imposed on them?

As regards the Toll managers who are private agencies and not law enforcement agencies, they may be considered as “Significant Data Fiduciaries” since they process lakhs of personal data each day with or without the financial information through fast tag.

There should therefore be a DPO for NICE or other toll managers.

Alternatively the systems of fast tag reading and CCTV should be modified to ensure that the data is not available automatically for analysis .

A thought is required on this.

Naavi

Posted in Cyber Law | Leave a comment

“Privacy Pitamaha” title conferred on Justice (Rtd) K S Puttaswamy

Justice (Retd) Sri K.S. Puttaswamy, the person who initiated the Supreme Court petition on Privacy which finally ended up with the judgement on August 27, 2017 that Privacy is a Fundamental Right in India, is today 98 years old and lives a quiet life in Bengaluru. At a time when the industry is celebrating the advent of the new law, we considered it necessary to recognize the man behind this watershed moment in India.

Accordingly the Board of FDPPI passed a resolution that we should confer a title “Privacy Pitamaha” on him and today called on him at his residence to convey it to him through a simple meeting. Dr Avinash, Dean of of Manipal Law School joined FDPPI on this occasion to support the initiative.

We feel a sense of satisfaction that the contribution of this senior citizen who created history in India was recognized by FDPPI. We feel honoured by honouring him.

Posted in Cyber Law | Leave a comment

Is Indian Express guilty of Privacy infringement under DPDPA and ITA 2000?…DPDPA is here…4

It has become a practice for organizations to send marketing e-mails with “Donot Reply” address. Today I came across the following email from Newsletter@indianexpressonline.org but the reply set to a non existent email address of emailers@indianexpressonline.org. Obviously the “Reply to” message bounced.

The Email was delivered through the AWS service namely Amazon Simple Email Service

Consequent to the DPDPA being a law in India, we need to debate the ethical and legal aspect of such emails.

Does this email of Indian Express constitute a communication without an appropriate notice and Consent? May be Indian Express may today say that the date of effectiveness of the provision of Section 5 of DPDPA is not yet announced.

But, could this also be considered as “Impersonation” and an attempted Section 66C -ITA 2000 offence? ..which is a cognizable offence with 3 year’s imprisonment?

To me it appears to be so.

Next, what is the role of Amazon SES which is the instrument of this crime? Is it to be considered as a “Data Processor” and an “Agent” so that the liability for impersonation and attempted impersonation lies only with Indian Express and not Amazon? or is Amazon a joint Data Fiduciary and has a liability under DPDPA while escaping liability under ITA 2000 where it is an undisclosed agent?

My view is that both Indian Express and Amazon are guilty of Section 66C offence of ITA 2000 which is effective today and also liable under Section 5 of DPDPA for which a penalty of upto Rs 250 crores could be imposed? …if DPB had been in existence?

Let’s Debate.

Comments are welcome

Naavi

Posted in Cyber Law | Leave a comment