Sunday, January 1, 2012

Cyber Law Of India Should Be Reformed

Technological issues when collaborated with legal framework bring complex situations. It is very difficult to provide a legal framework for technological issues. India is also trying to grapple with this problem. Although cyber law in India has been enacted in the form of information technology act 2000 (IT Act 2000) yet it has remained archaic and non performer. The cyber law trends in India 2011 proved this point.

Cyber law of India needs to be rejuvenated. The emphasis must be to develop and protect Indian cyberspace rather than considering as a threat to be tackled through Internet censorship, websites blocking, e-surveillance, phone tapping and similar anti civil liberties protection in cyberspace.

Similarly stress should be given to cyber security of India through cyber security due diligence and mandatory obligations. The cyber security trends in India 2011 have proved that various stakeholders in India are not paying enough attention to cyber security. This is more so regarding banks in India that are not following the cyber security guidelines of Reserve Bank of India (RBI).

Perry4Law and Perry4Law Techno Legal Base (PTLB) believe that a major reason for poor performance on Indian cyber law and cyber security is that we have mixed all the aspects in a single law. For instance, although IT Act 2000 covers issues like cyber law, cyber security, cyber forensics, encryption, e-governance, e-commerce, cyber terrorism, etc yet the same are covered by a single section or more. This way none of them are individually effective.

We must have a separate and dedicated law for each of these issues that seem to have been dumped into a single law making it ineffective and useless for those issues. Further, the information technology amendment act 2008 (IT Act 2008 amendments) have further complicated the issue. By making almost all the cyber crimes “bailable”, Indian government has created a big nuisance for itself.

Perry4Law and PTLB hope that the year 2012 would bring major relief in this regard. Law making is a lengthy and tedious process and the sooner it is started the better it would be for the larger interest of India.

Saturday, December 31, 2011

Cyber Laws In India

Cyber laws in India are very much required especially to manage the culpable dealings of big corporate houses. IT frauds and cyber crimes in Indian companies are increasing at a great speed. Currently there is no cyber due diligence for Indian companies that has been mandatorily provided by the Indian Companies Act, 1956.

The Information Technology Act, 2000 (IT Act 2000) is the sole cyber law of India. The companies in India are required to follow cyber law due diligence in India and cyber security due diligence in India. In the absence of proper due diligence these companies may find themselves in trouble.

Indian companies are neither prepared nor willing to deal with these sophisticated technology crimes and organised crimes. Recently the companies bill 2011 was tabled in lok sabha that carried few reformatory provisions in this regard. It was planned to give more powers to serious frauds investigation office (SFIO) of India. Under the proposed companies bill 2011, SFIO had been given a statutory recognition. However, the bill failed to become law and the position still remains gloomy.

Cyber crimes in India are increasing unchecked. However, efforts to curb the same are still far from satisfactory. In fact, by making almost all the cyber crimes and cyber contraventions under the IT Act 2000 bailable, Indian government has further complicated the situation. In fact, experts have been demanding that cyber law of India should be repealed and new and better laws must be enacted.

We need separate and dedicated legal frameworks in India. For instance, e-commerce laws in India, social media laws in India, e-governance laws in India, cyber security laws in India, cyber forensics laws in India, e-discovery laws in India, digital evidencing laws in India, etc must be enacted separately.

In short, cyber law of India must be given an importance that it deserves. Presently, it is given a piecemeal treatment that is not conducive for its long term growth in India.

Friday, December 30, 2011

Digital Preservation In India Needed

Digital preservation is an issue that has not received much attention in India. Digital preservation is a process in which materials are converted into electronic form for future uses. Digital preservation also ensures that the material has a longer life shelf than the original form.

Digital preservation in India is still in infancy stage. Although we have a Public Records Act 1993 that mandates a digital preservation usage, the same has remained abysmal in India. Public records keeping framework of India has by and large remained ignored. Of course, some institutions like Reserve Bank of India (RBI) have good public records keeping framework.

Digital framework and public records keeping are issues that have a direct bearing upon multiple legal frameworks. For instance, Intellectual property rights (IPRs) are commonly found conflicting with digital preservation initiatives. Technological issues of IPRs would also pose great challenges before the digital preservation initiatives of India.

Recent traditional knowledge digital library (TKDL) of India is one of the most innovative and much needed initiatives undertaken by Indian government. Being a digital library it must ensure digitalisation of contents as well as their digital preservation.

Similarly, cyber law of India also has a direct bearing upon records keeping and digital preservation. In fact, Public Records Act 1993 and IT Act 2000 mandates are very apparent and they cannot be ignored. Similarly, Right to Information Act 2005 and Public Records Act 1993 are also closely related.

Electronic delivery of services and Public Records Act 1993 are also correlated as in future archives and digital documents would be required to be provided to effectuate electronic delivery of services. The proposed Electronic Delivery of Services Bill (EDS) 2011 of India has proved this point.

Surprisingly, despite the importance of public records and digital preservation, Indian national digital preservation policy is still missing and there is no legal framework for digital preservation in India. Digital preservation initiatives of India need urgent reforms if we have to effectual electronic delivery of archives and public records. The sooner it is done the better it would be in the larger interest of India.

Monday, December 26, 2011

Ethical Hacking Training And Courses In India

The need of ethical hackers in India has emerged out of the necessity to tackle growing cases of cyber crimes and cyber attacks. For too long strategic systems and computers located at Indian government departments and sensitive faculties have been targeted by cyber criminals and enemy states. Incidences of cyber espionage against India have increased a lot.

Naturally, India needs a skilled ethical hacking workforce that can ward off such cyber threats. Cyber skills development in India has, therefore, gained importance and demand for skilled workforce in fields like cyber security, cyber forensics, cyber law, etc has increased globally.

These fields are techno legal in nature that required a thorough understanding of both technical and legal aspects at the same time. Neither technical nor legal knowledge in itself is sufficient. Techno legal e-learning courses in India need to be developed to meet the techno legal demands of India.

Ethical hacking trainings and courses in India need to be developed on techno legal lines. Similarly, ethical hacking training institutes in India must also ensure that the trainings provided by them are techno legal in nature. Further, ethical hacking training providers in India must also ensure that they provide only practical trainings and courses whose main aim should be to develop techno legal skills.

Ethical hacking skills development in India is not an easy task. The amalgamation of technology and law is not easy to teach. It is even more difficult to practically apply these techno legal principles in real life. At Perry4Law Techno Legal Base (PTLB) we understand these issues and are providing the exclusive techno legal ethical hacking trainings and courses in India. Other techno legal courses are also provided by PTLB that covers areas like cyber law, cyber forensics, cyber security, etc. PTLB is also managing the exclusive techno legal ethical hacking software and tools repository in India.

PTLB e-learning platform is providing ethical hacking training and courses in India among various other techno legal courses, trainings, educations and skills development initiatives. We hope these initiatives of PTLB would be useful for all the stakeholders.

Saturday, December 24, 2011

Financial Frauds And IT Crimes In Indian Companies Is Increasing

Financial frauds and cyber crimes have plagued Indian corporate sector. IT and cyber frauds in Indian companies has increased a lot. Corporate IT frauds and cyber crime investigations in India have also increased. This has also necessitated cyber due diligence for Indian companies.

White collar crimes and financial frauds are increasing in India. By its very nature these high profile crimes affect corporate sector. Indian companies are also facing increased corporate frauds, financial frauds, white color crimes and technological frauds.

With growing dependence upon information and communication technology (ICT) for various corporate functions, corporate systems and corporate assets are exposed to diverse forms of cyber attacks. Further, data privacy laws in India, data protection laws in India, privacy laws in India, etc have further added responsibilities for corporate sector of India.

Further, companies in India are also required to follow cyber law due diligence in India and cyber security due diligence in India. However, absence of techno legal cyber skills and cyber crimes investigation trainings in India, technology related crimes and cyber crimes have increased in India. Companies in India are facing growing threats from malware attacks, phishing attacks, ATM frauds, online banking threats, trading fraud, etc.

Clearly, Indian companies are not prepared to deal with these sophisticated technology crimes and organised crimes. Recently the companies bill 2011 has been tabled in lok sabha that carries few reformatory provisions in this regard. It was planned to give more powers to serious frauds investigation office (SFIO) of India. Under the proposed companies bill 2011, SFIO has been given a statutory recognition. This is a good step as it would help in curbing corporate frauds in India.

Perry4Law and Perry4Law Techno Legal Base (PTLB) strongly recommend that it is high time for Indian companies to take care of the cyber due diligence and cyber security due diligence requirements under various laws of India. These due diligence requirements are essential part of overall audit strategy of each company. The sooner cyber law and cyber security are taken seriously by Indian companies the better it would be for the larger interest of all stakeholders.

Friday, December 23, 2011

Corporate IT Frauds And Cyber Crimes Investigation In India

Corporate frauds and crimes have taken a new shape in the present information technology age. Data theft, privacy violations, intellectual property rights (IPRs) violation, trade secrets theft, financial frauds, etc have also increased in the corporate sector of India. Even white collar crimes and organised crimes have increased a lot.

Clearly, IT and cyber frauds in Indian companies have increased a lot. These frauds have necessitated cyber due diligence for Indian companies. Further, these IT frauds and corporate cyber crimes have necessitated for their timely and proper investigation. Corporate laws of India must be suitable amended to address these issues in India.

There are multiple investigation agencies in India depending upon the nature of the wrong or crime. Corporate frauds and corporate cyber crimes can be prosecuted at the administrative level or in civil and criminal courts.

Investigation of corporate IT frauds and corporate cyber crimes is a complicated process that requires techno legal training and expertise. These offences require a good working knowledge of both technical and legal knowledge.

Cyber crime investigation methods in India are still maturing. There are very few cyber crime investigators in India that can investigate a cyber crime in techno legal manner. Cyber crime investigation training in India is urgently required so that more such investigators can be produced. With growing cases of corporate IT frauds and corporate cyber crimes, the demand for such cyber crime investigators in India is going to increase.

Perry4Law and Perry4Law Techno Legal Base (PTLB) are providing world renowned and exclusive techno legal trainings to various stakeholders. Some of the areas covered by PTLB are cyber due diligence training in India, cyber forensics trainings in India, cyber security training in India, corporate IT frauds prevention training in India, cyber crime investigation training in India, etc.

Recently, corporate frauds like Satyam fraud, Citibank fraud at Gurgaon, etc came to the light in India. More such frauds may be possible in near future. Realising the gravity of the situation, Indian government decided to further strengthen the powers of serious frauds investigation office (SFIO) of India. The proposed companies bill 2011 has also decided to grant a statutory recognition to SFIO so that corporate frauds can be effectively tackled. Further, corporate and banking laws in India are in the process of being strengthened.

This is a good decision. However, SFIO must develop techno legal expertise to effectively tackle the growing cases of corporate IT frauds and corporate cyber crimes in India. SFIO should immediately start developing techno legal capabilities so that we have a strong and effective authority that can not only deter corporate IT frauds but can also successfully prosecute and punish them. Perry4Law and PTLB would extend their techno legal expertise in this regard if requested by SFIO or any other law enforcement agency or other agency of Indian government.

Cyber Due Diligence For Indian Companies

Cyber due diligence in India has finally arrived in India. The information technology act, 2000 (IT Act 2000) is the sole cyber law of India. IT Act 2000 prescribes cyber due diligence requirements on the part of various stakeholders like banks, companies, individuals, Internet intermediaries, e-commerce sites, etc.

However, till now cyber due diligence in India has not been taken seriously. This is so because cyber law awareness is not very good among various stakeholders. Similarly, civil and criminal prosecutions for lack of cyber due diligence in India is a rare phenomenon. Since ignorance of law if no excuse, in future cases for lack of cyber due diligence would increase in India.

IT and cyber frauds in Indian companies is increasing these days. However, a majority of Indian companies are not performing cyber due diligence in India. The companies in India are required to follow cyber law due diligence in India and cyber security due diligence in India. In the absence of proper due diligence these companies may find themselves in trouble.

Social media laws in India and social networking laws in India would bring their own share of cyber due diligence. Cyber law on social media and networking sites in India is pretty stringent and employees of a company may violate the same intentionally or unintentionally. Internet intermediary law in India and cyber due diligence cannot be taken lightly in India anymore.

Another sector that is urgently demanding cyber due diligence is banking industry of India. Cyber due diligence for banks in India is long due. Banks and companies in India are facing growing threats from malware attacks, phishing attacks, ATM frauds, online banking threats, trading fraud, etc. If a bank cannot show that it performed cyber due diligence and such cyber frauds and cyber crimes occurred without its negligence, it may be required to bear the financial loss. Presently Indian banks are not complying with cyber law due diligence requirements in India.

Finally, the scope and use of e-discovery in India is also increasing. Whether it is a corporate investigation, civil suit or criminal proceedings, e-discovery is playing a decisive role world over. Further, e-discovery laws and practices in India are developing as well. Even e-discovery related litigation, LPO and KPO services in India are growing.

Perry4Law and Perry4Law Techno Legal Base (PTLB) strongly recommend that cyber due diligence training in India needs to be developed so that cyber due diligence compliances by various stakeholders is possible. This training should be a regular and integral part of the corporate strategy of each company. There is no escape from cyber due diligence in India and companies must accept this reality as soon as possible.

IT And Cyber Frauds In Indian Companies Is Increasing

White collar crimes and financial frauds are increasing in India. By its very nature these high profile crimes affect corporate sector. Indian companies are also facing increased corporate frauds, financial frauds, white color crimes and technological frauds.

With growing dependence upon information and communication technology (ICT) for various corporate functions, corporate systems and corporate assets are exposed to diverse forms of cyber attacks. Further, data privacy laws in India, data protection laws in India, privacy laws in India, etc have further added responsibilities for corporate sector of India.

Further, companies in India are also required to follow cyber law due diligence in India and cyber security due diligence in India. However, absence of techno legal cyber skills and cyber crimes investigation trainings in India, technology related crimes and cyber crimes have increased in India. Companies in India are facing growing threats from malware attacks, phishing attacks, ATM frauds, online banking threats, trading fraud, etc.

Clearly, Indian companies are not prepared to deal with these sophisticated technology crimes and organised crimes. Recently the companies bill 2011 has been tabled in lok sabha that carries few reformatory provisions in this regard. It was planned to give more powers to serious frauds investigation office (SFIO) of India. Under the proposed companies bill 2011, SFIO has been given a statutory recognition. This is a good step as it would help in curbing corporate frauds in India.

Perry4Law and Perry4Law Techno Legal Base (PTLB) strongly recommend that it is high time for Indian companies to take care of the cyber due diligence and cyber security due diligence requirements under various laws of India. These due diligence requirements are essential part of overall audit strategy of each company. The sooner cyber law and cyber security are taken seriously by Indian companies the better it would be for the larger interest of all stakeholders.

Thursday, December 22, 2011

Online Dispute Resolution (ODR) In India

Information and communication technology (ICT) is considered to be a good option for resolving disputes of modern days. Concepts like online dispute resolution (ODR) and e-courts are proof of the same.

Unfortunately, neither online dispute resolution in India nor e-courts in India has been accepted and implemented. In fact, we have a single techno legal e-courts training and consultancy centre of India and a single online dispute resolution (ODR) centre in India. Further, Perry4Law Techno Legal Base (PTLB) is the sole techno legal ADR and ODR services provider in India.

The scope for online dispute resolution (ODR) services in India in general and techno legal online dispute resolution (ODR) services in India in particular is really good. However, in order to capatilise the same, an early and proper start is necessary.

Online dispute resolution (ODR) and international response is still lukewarm but at least a beginning has been made there. While international online dispute resolution regime has started exploring use of ICT for disputes resolution, online dispute resolution in Asia is still growing. Online dispute resolution in Asian countries is largely confined to a single or two countries that also to a limited extent. Clearly online dispute resolution standards of practice for India and Asia need to be developed urgently.

In fact, techno legal ODR services have become necessary due to growing use of information technology for business and commercial purposes world over. For instance, ODR and cross border e-commerce transactions are also interrelated. Similar is the case regarding dispute resolution of cross border technology transactions.

Dispute resolution in technology transactions is the upcoming trend in the field of ODR. Dispute resolution of cross border technology transactions is a complicated process if we adopt traditional litigation methods to resolve them. Dispute resolution in technology transactions and dealings requires an effective, timely and cost effective mechanism. Traditional litigation is definitely not the place to achieve these objectives.

Obviously, we need an effective alternative to traditional litigation methods to resolve cross border technology transactions and dispute resolutions. Alternative dispute resolution (ADR) mechanisms like arbitration, conciliation, mediation, etc can be used effectively to resolve these technology transactions disputes. For instance, online dispute resolution (ODR) for cross border e-commerce transactions is already been used to resolved small value disputes.

Similarly, legal issues of media and entertainment industry of India have assumed tremendous importance. Entertainment and media industry dispute resolution in India can be resolved using online dispute resolution. Dispute prevention and resolution in the film and media industry in India is presently not exploring use of online dispute resolution.

However, nothing can strengthen ODR more than international efforts and international coordination activities. International legal standards for online dispute resolution (ODR) and international harmonisation of ODR is urgently required.

United Nations can play am important role in international development and international harmonisation of ODR. United Nations and online dispute resolution are closely related in this regard. In fact, UNCITRAL, ODR and India are interconnected and we need an international harmonisation of ODR legal framework as well as suitable policies at the national level. Efforts in this direction have already been undertaken at the international level and very soon we may see some development in this regard.

Alternative dispute resolution in India is well known in India and we need to make efforts in the direction of ODR as well. While doping so we must keep in mind the requirements of privacy laws in India, dispute resolution and ODR. Online commercial arbitration in India also needs to be developed. The sooner these issues are addressed the better it would be for the growth and development of ODR in India.

Wednesday, December 21, 2011

Terror Funding Template Of National Investigation Agency (NIA) Of India

National investigation agency (NIA) of India is the exclusive central agency that deals with terrorism related cases in India. It has been created under the National Investigation Agency Act, 2008. It intends to strengthen Indian capabilities to fight terrorism in India.

Terrorist activities heavily depend upon financial resources. Since legal channels of transfer of money are closely guarded, terrorists use illegal means and channels to transfer money. Even fake currency is used by them to support their nefarious activities.

Recently, in case numbered RC/07/2011/NIA/DLI DLI, NIA filed a criminal case under the provisions of Indian Penal Code and Unlawful Activities (Prevention) Act, 1967 against four accused persons. NIA claimed it is a case of circulation of high quality fake Indian currency notes (FICN) by some members of the banned terrorist organisation. Hizbul Mujahideen (HM), in association with the co-accused in the case, based at Malda (W.B.), located near Indo-Bangladesh border pursuant to a criminal conspiracy to fund terrorist activities in the State of Jammu and Kashmir. Investigation will be conducted further to locate the source of FICN.

Now NIA has prepared a Terror Funding Template (TFT), which will help its officials and investigators of states' anti-terror agencies to extract information on terror funding. The Template describes core sources and methods for terror funding and it can be utilised for getting relevant information from terrorists and terror suspects during their interrogation and probe. It can also be used to keep an eye on various other activities that directly or indirectly contribute to funding terrorist organisations in India and elsewhere.

Besides usual source of terror funding through hawala, narcotics trade and printing\circulation of fake Indian currency notes, the Template has taken into account misuse of zakat - giving alms to poor and needy as prescribed by the Quran - to fund terror activities. It has been “indianised” to cover issues and areas relevant for India.

These efforts have been further strengthened by the banking reforms in India. For instance, an integrated modern banking law of India has been recently suggested that can be really helpful in this case. Similarly, Reserve Bank of India (RBI) has prescribed enhanced due diligence measures by banks of India for higher risks customers that include terrorist outfits and organisations.

However, there are some very crucial issues that are posing constitutional problems for the intelligence and security agencies of India. For instance, intelligence gathering in India is unconstitutional. Similarly, counter terrorism capabilities of India are not sufficient and Indian counter terrorism capabilities needs rejuvenation. Finally, parliamentary oversight and constitutional safeguards are missing in the functions of these agencies. Time has come to approach these issues in a holistic manner.