Tuesday, May 31, 2011

Telecom Equipments Security Framework Of India

Telecom equipments, especially imported one, have been in controversy for long. The security agencies of India have shown their apprehension regarding imported telecom hardware and equipments. For some time, even import of the same was hampered.

This is primarily due to the fact that India has no telecom security policy that must essentially carry norms for import of telecom equipments and hardware. Meanwhile, it has been proposed to get the telecom equipments checked by Telecom Engineering Centre (TEC) mandatorily before use in India. Now intelligence agencies of India are asking telecom companies to store call data records for five years.

The Department of Telecommunications (DoT) has approved new security norms governing telecom equipment that could cost operators at least Rs 5,000 crore each to implement. DoT has unveiled a new telecom security framework that did away with many existing controversial clauses such as mandating foreign equipment companies to put their software in the equivalent of a sealed envelope and submit it to the government.

Another controversial clause that stipulates penalties of 100% of the contract value on vendors if any spyware or malware is found in the imported equipment has also been dropped. Instead, any security breach will invite a maximum penalty of 50 crore in addition to criminal proceedings against the mobile phone company.

The new policy also dilutes the earlier rule that mandated vendors to employ only Indian engineers to maintain the networks of local mobile phone companies. The fresh norms say only top personnel with vendors need to be Indians. The names of these individuals will have to be cleared by the telecom and home ministries prior to their appointment. This is in line with the rules for mobile phone companies where top executives are required to be resident Indians.

Besides, with phone tapping in the limelight, the changed policy also mandates that mobile phone companies must only appoint Indians as chief technical officer, chief information security officer or as nodal executives for handling monitoring and interception functions across mobile networks.

The new framework is a good step in the right direction. Perry4Law and Perry4Law Techno Legal Base (PTLB) welcome this effort of DoT. However, this is just a piecemeal effort and DoT must come out with a proper telecom security policy of India as soon as possible.

Technology Dispute Resolution Services Of WIPO And UNCITRAL

What is common between World Intellectual Property Organisation (WIPO), United Nations Commission on International Trade Law (UNCITRAL), International Chamber of Commerce (ICC) and World Trade Organisation (WTO)? They all are engaged in one form or another of Dispute Resolution. They are also engaged in one form or another of Online Dispute Resolution (ODR). However, none of them are engaged in Technology Dispute Resolution Services and Techno Legal ODR Services.

For instance, WIPO has its own Arbitration and Mediation Centre (AMC) that provides world renowned Dispute Resolution Services. However, WIPO has still to strengthen its Technology Dispute Resolution Services. One area that WIPO must pay special attention is Dispute Resolution of Cross Border Technology Transactions and E-Commerce Disputes. The future disputes would be Techno Legal in nature and WIPO must be well prepared to deal with the same.

Similarly, Internet Corporation for Assigned Names and Numbers (ICANN) has formulated the Uniform Dispute Resolution Policy (UDRP) long before. It has stood the test of the time. However, with the passage of time, new challenges and issues have also arisen. This has necessitated bringing changes in the same. Incorporating Technology Dispute related changes can be one good option.

The UDRP has not been reviewed by the GNSO Council since its inception. Now a Preliminary Issue Report on the Current State of the UDRP has been prepared at the request of the GNSO Council and it has been posted online for public comment. The Public Comment period ends on 15 July 2011. Upon the publication of the Final Issue Report, the GNSO Council will determine whether to commence a Policy Development Process (PDP) on the UDRP.

Further, chances of future EU India Cross Border Consumer and Technology Disputes cooperation are also great. EU has been working in the direction of use of ODR for effective Dispute Resolution and it must work in association with countries like India in this regard. There is an urgent need of EU India ODR Development Dialogue between them.

Although WIPO, UNCITRAL, ICC, WTO, etc are world renowned for their Dispute Resolution Services yet in areas like Cyber Law Disputes, Cyber Forensics Disputes, E-Discovery and Digital Evidencing Related Disputes, etc, these Institutions must improve further. This trend is also apparent if we analyse the recent Internet Security Initiative jointly undertaken by ICANN and INTERPOL.

At the Indian level, Perry4Law and Perry4Law Techno Legal Base (PTLB) have been working hard in his regard. In fact, Perry4Law and PTLB have recently provided the first Technology Dispute Resolution Policy of India and ODR Policy of India. Perry4Law and PTLB are working in the direction of strengthening Technology Dispute Resolution at National and International level. We hope our initiatives would be useful for all concerned.

WIPO’s Standing Committee On Patents And Technology Transfer

World Intellectual Property Organisation (WIPO) is one of the 16 specialised agencies of the United Nations. WIPO was established in 1967 to encourage creative activity and to promote the protection of Intellectual Property Rights (IPRs) throughout the World.

WIPO is responsible for promoting creative intellectual activity and for facilitating the transfer of technology related to industrial property to the developing countries in order to accelerate economic, social and cultural development, subject to the competence and responsibilities of the United Nations and its organs, particularly the United Nations Conference on Trade and Development (UNCTAD), the United Nations Development Programme (UNDP) and the United Nations Industrial Development Organisation (UNIDO), as well as of the United Nations Educational, Scientific and Cultural Organisation (UNESCO) and of other agencies within the United Nations system.

In pursuance of its objectives, the Sixteenth Session of the WIPO’s Standing Committee on the Law of Patents (SCP) was recently conducted from 16th to 29th May, 2011. Many far reaching issues were discussed at the meeting that includes issues like Patents and Public Health, Technology Transfer, and Exceptions and Limitations to Patents. Although these issues have always remained controversial yet some “Positive Developments” have been shown in this session of SCP.

Issues like Pharmaceuticals and Public Health, Data Exclusivity, Technology Transfer, etc are still to be resolved at the International Level. This is more so regarding Technology Transfer issues that Developing Countries are vigorously advocating. Without adequate and necessary Technology Transfer, Developing Nations cannot be equated with Developed Nations.

WIPO has to play a pro active role so that Technology Transfer can be meaningful and effective. Further, WIPO must also ensure that provisions of TRIPS Agreements are “Interpreted” to the benefits of Developing Countries. This is also necessary so that Doha Development Agenda Negotiations can be successful.

Perry4Law and Perry4Law Techno Legal Base (PTLB) welcome this effort of WIPO and all Countries. Let us see how SPC would help in further development and growth of International Patents Laws in general and Patents related Technology Transfer in particular. We welcome the latest effort of SCP and consider it as the beginning of Future Negotiations.

ITU's Focus Group on Audiovisual Media Accessibility (FGAVA)

ITU-T Focus Group on Audiovisual Media Accessibility (FGAVA) was proposed by ITU-T Study Group 16 for creation in-between TSAG meetings. The Terms of Reference of the Focus Group are available here.

The main objective of this Focus Group is to address the need to make audiovisual media accessible for persons with disabilities. The Focus Group encourages participation of all standards development organizations (SDOs) working in this area.
The Focus Group will encourage:

(a) People to become involved in the accessibility work of ITU.
(b) The participation of persons with disabilities.
(c) The participation of universities.
(d) The participation of company accessibility departments.

The latest meeting of the ITU's Focus Group on Audiovisual Media Accessibilit­y (FGAVA) took place on 26 May. Those participating included universities and research centres, organisations representing persons with disabilities, AV media companies, network and service providers, vendors, organisations representing consumer electronics manufacturers, WIPO, government and regulatory bodies.

The aim of this meeting was to define the scope of the group's work – interpret the objectives, define core terms and agree on procedures. The Focus Group addressed the need to mainstream audiovisual media accessibility focusing on making digital media accessible for all, in particular for the elderly and persons with disabilities.

It was decided to organise the work within the areas, including captioning, audio/video description and spoken captions, visual signing and sign language, emerging access services and electronic programming guides and on-air promotion.

It was also decided to organise the work in the areas, including participation and digital media, digital broadcast television, IPTV, mobile and handheld devices, key performance indicators for the accessibility of broadcast television, IPTV and metadata and mobile and hand-held devices.

Eight deliverables were agreed, one of which covers guidelines on the implementation of the UN Convention on the Rights of Persons with Disabilities. During the eighteen month life of the Focus Group, participants will collect issues and problems related to implementation of the Convention and problems from persons with disabilities and persons with age-related functional impairments.

In addition, it will collect examples of good practice through case studies and other means, and prepare guidelines for the inclusion of access services in all digital AV user devices. The next meeting will take place 15 September this year in Geneva, Switzerland.

Monday, May 30, 2011

Telecom Equipments Must Be Certified By TEC In India Before Use

Till now the telecom equipments imports norms of India are not clear. This is the main reason that has been preventing a timely deployment of imported telecom hardware in India. India has been waiting for long for a certification system for its imported telecom gears and equipments.

Now it has been made clear by India that all telecoms equipments must be mandatorily mandatory certification by the Telecom Engineering Centre (TEC) before deployment in communication networks across India.

However, without a proper legal framework and appropriate telecom policy, this step would not be fruitful. This may be the reason why department of telecommunication (DoT) is planning to amend the Indian Telegraph Rules to include detailed modalities for such mandatory testing and certification.

The onus will be on any original equipment maker (OEM) in the telecoms space to get its products certified before selling them in India. Testing shall be carried out by the Telegraph Authority or any other designated agency on payment of a prescribed fee. A suitable test certificate will be issued to the OEM if it complies with all parameters of testing and certification.

An internal department panel which is drafting the detailed norms for mandatory testing of telecoms gear is slated to submit its recommendations to the Telecom Commission by June 15. The seven-member panel largely comprises senior officials of the TEC, which is the department's technical wing.

The Telegraph Authority will also have the powers to issue show cause notices to telcos using uncertified gear and OEMs selling such equipment. Under the amended Indian Telegraph Rules, it will also have powers to confiscate telecom equipment that hasn't been tested or certified. In the event, an errant OEM fails to complete certification formalities even 180 days after being issued a show cause notice, the designated authority may confiscate such uncertified telecom equipment.

This would eliminate the fears of intelligence agencies of India that have been raising concerns for long for embedded malware in imported telecom hardware. However, nothing is better than a telecom security policy of India that is still missing.

Call Data Records Storage Policy Of India

India is not very good at law making. This is more so regarding technology related laws. For instance, consider the cyber law of India incorporated in the information technology act 2000 (IT Act 2000). IT Act 2000 is a classical example of bad drafting that has created more problems than solutions. This is the reason why experts have been suggesting that it should be repealed.

Similarly, we have no lawful interception law in India. Even phone tapping in India is not done in a constitutional manner and illegal phone tapping in India is under scrutiny. There is no e-surveillance policy in India. India does not bother to maintain a balance between national security and fundamental rights of Indians.

India has launched projects like Aadhar, National Intelligence Grid (NATGRID), Crime and Criminal Tracking Network and Systems (CCTNS), National Counter Terrorism Centre (NCTC), Central Monitoring System (CMS), Centre for Communication Security Research and Monitoring (CCSRM), etc. None of them are governed by any Legal Framework and none of them are under Parliamentary Scrutiny.

In this background, the news that Intelligence Bureau (IB) wants all mobile phone companies to store call data records, or details of all phone calls made by their customers, for a period of five years is really surprising. Indian law enforcement agencies and intelligence agencies are practically governed by no law. In fact, intelligence infrastructure of India is in big mess and India is not at all ready for projects like CCTNS, Natgrid, NCTC, etc.

It is no surprise that the central bureau of India (CBI) is also not governed by any law and it is operating in India without any law. It is only now that the central bureau of investigation act 2010 was drafted. Till now it is a mere draft and has not become an enforceable law. Even the constitutional validity of the national investigation agency act 2008 is doubtful. The recent circulation of the draft Intelligence Services (Powers and Regulations) Bill, 2011 (Draft Intelligence Bill 2011) in the Lok Sabha shows how our Parliament of India took the matter very casually.

We must start formulating the call data storage policy of India as soon as possible. The one suggested by IB is neither feasible nor desirable. Issues like increased costs to operators, privacy safeguards, legal framework requirements, etc cannot be ignored the way they have been ignored so far. Presently, an inter-ministerial group is looking into monitoring of both internet services and networks in the country. This matter may also be refereed to the same. However, in all probability, this demand would be refused.

Saturday, May 28, 2011

Cyber Law Of India Should Be Repealed

Information and Communication Technology (ICT) has many aspects and Legal Framework is just one of them. This Legal Framework is taken care of by the Legal Enablement of ICT Systems. This Legal Enablement exercise must cover areas like Cyber Law, E-Governance, E-Commerce, Cyber Security, Cyber Forensics, etc.

If these are the essential components of Legal Enablement, we have no Legal Enablement of ICT Systems in India. Readers must not confuse it with lack of Cyber Law in India. Of course, the Information Technology Act, 2000 (IT Act 2000) is the Cyber Law of India.

But IT Act 2000 is more on the side of a collection of “Legal Jargon” than a Law as contemplated by the Constitution of India. With the Information Technology Amendment Act, 2008 (IT Act 2008), even this Legal Jargon has become a “Legal Nuisance”. The net effect of the IT Act 2008 was that Indian Cyber Law ceased to be a “Reasonable and Constitutional Law”.

I still remember the time when IT Act 2008 was proposed. I was, perhaps, the “Strongest Opposer” of that Amendment. I believed, and I still believe, that IT Act 2008 was a “Big Mockery” of Fundamental Rights of Indians. The IT Act 2008 shouted loud and clear that our Executive and Indian Government do not believe in the Constitution of India in general and Fundamental Rights in particular.

I was hopeful that my concerns and suggestions would be considered and Government would not proceed further with the IT Act, 2008 Amendments. The moment IT Act 2008 was “Notified”, I lost my Faith and Interest in the Cyber Law of India. This is the main reason why I did not give any Suggestions regarding the same subsequently, especially regarding the recent Rules suggested by Department of Information Technology (DIT).

Indian Cyber Law has become an E-Surveillance Instrumentality and it contains many “Unconstitutional Sections” that should not be there at the very first place. However, it does not matter much as Indians are well known for accepting whatever is forced upon them.

Now the only proper course that is left for Indian Government in general and Parliament of India in particular is to “Repeal” the Cyber Law of India and come up with a Decent, Sensible and Constitutional Law. It would be better if we have “Separate Laws” for Cyber Law, Cyber Security, Cyber Forensics, E-Governance, E-Commerce, etc. I hope good sense would prevail upon Indian Government and Parliament of India very soon.

India Us Cyber Security Cooperation Agreement Signed

India and US have been cooperating in the cyber security field for long. However, due to some bad experiences, India and US cyber security forum was closed. Now India and US have once more revived the cyber security cooperation between themselves. This was an anticipated move to remove the deadlock that was preventing a mutual cooperation in the field of cyber security between these two countries.

Now under the India US homeland security dialogue, a deal between the Computer Emergency Response Team of India (CERT-IN) and Computer Emergency Response Team of US (US-CERT) has been finalised. CERT IN and CERT US are the lead agencies in the respective countries to respond to cyber attacks.

The CERT-IN and US-CERT are likely to sign a Memorandum of Understanding for sharing of expertise in artifact analysis (study of traces of virus and worm), network traffic analysis and exchange of information. They also decided to cooperate in capacity building and to work together, and with other countries, to advance cyber security standards.

The US, while making public the strategy, called for global partnerships to set international computer security standards with penalties for countries and organisations that would fall short. Though the US did not single out any countries while releasing the strategy, it seems intended to prod China and Russia to allow more internet freedom, crack down on theft of intellectual property and bring into force more effective laws to protect privacy of computer users.

US has already made clear its international strategy for cyberspace. To achieve this goal the US will build an international environment that ensures global networks are open to new innovations, interoperable the world over, secure enough to support people’s work, and reliable enough to earn their trust.

This is a good step in the direction of bilateral cyber security initiatives. However, international organisations must play a more direct and pro active role to fight cyber crimes. It is good to see that international community is getting serious to fight the nuisance of cyber crimes.

Norms For Import Of Telecom Equipments In India

Import of telecom equipments, especially for India, has never been smooth. Security agencies of India have been raising concerns regarding possibility of “backdoors” in hardware and software of foreign vendors.

India has no institution or department that can check malware in hardware and software. India has to depend upon other countries like UK for testing of imported hardware and software.

In this entire exercise, the import of hardware of foreign vendors has been affected to a great extent. On the request of these foreign vendors, Indian government assured that the matter would be expedited very soon.

Meanwhile, Kapil Sibal, Minister of department of communication and information technology and department of telecommunications has shown his support for indigenously manufactured hardware and software.

Now the Prime Minister's Office (PMO) has asked the communication and home ministries to ensure that new norms for import of telecom equipment are in place by the month-end. The original deadline was October-end 2010, and the PMO in a May 20 communication to these ministries has asked them to complete the process by May-end, and ensure no further extension becomes necessary'.

At present, India has two separate policy guidelines for import of telecom gear. Chinese vendors such as Huawei and ZTE follow the July 2010 guidelines while Western telecom equipment manufacturers were given the option of following the policy issued in late 2009, after they refused to operate in India under the July rules.

In August 2010, the PMO had asked the ministries to review the strict security standards unveiled during the previous month (July) after they were being labelled "too tough" by foreign telecom gearmakers. Western vendors and business lobbies in the US, Europe and Japan have been pressuring India to overturn the July 2010 rules.

The PMO had given both ministries two months to come up with a revised code of standards more aligned to procedures being followed globally, but these are yet to be notified. In the interim period, imports of telecom gear from China resumed after its companies agreed to adhere to the stringent rules.

There are many crucial areas that have to be covered by the present norms. Let us see how successful the Indian government would be in meeting these requirements.

Friday, May 27, 2011

Preliminary Issue Report On The Current State Of The UDRP

The World of Domain Name is fast changing. Whether it is the Policy decisions or the issues of securing Internet and Domain Names, lots of development is taking place these days. Internet Corporation for Assigned Names and Numbers (ICANN) has been taking many pro active steps in this regard. For instance, recently ICANN and INTERPOL have agreed to work in the direction of securing Internet.

ICANN has also widely contributed for the World of Domain Names. ICANN has formulated the Uniform Dispute Resolution Policy (UDRP) that has been in effect for over 10 years. It is widely recognised as one of ICANN’s defining accomplishments from its formative years. While not perfect, the UDRP has successfully offered parties a far less expensive alternative to costly litigation for resolving international disputes involving domain name cybersquatting. In the last decade, the Internet community has come to rely on the consistency, predictability, efficiency, and fairness generally associated with the present implementation of the UDRP.

The UDRP has not been reviewed by the GNSO Council since its inception. Now a Preliminary Issue Report on the Current State of the UDRP has been prepared at the request of the GNSO Council and it has been posted online for public comment. The Public Comment period ends on 15 July 2011. Upon the publication of the Final Issue Report, the GNSO Council will determine whether to commence a Policy Development Process (PDP) on the UDRP.

In response to the GNSO Council’s request, Staff conducted preliminary research on the UDRP to identify issues for inclusion in this Report. Due to the tremendous volume of cases and materials available regarding the UDRP (including, over 300,000 hits on Google alone), it became clear that there was no effective way to evaluate these materials. Instead, at the suggestion of the GNSO Council, Staff conducted a Webinar on the Current State of the UDRP (UDRP Webinar), to solicit feedback and information from UDRP experts and representatives from a broad cross-section of stakeholders.

While periodic assessment of policies can be beneficial to guard against unexpected results or inefficient process, the GNSO Council should consider the perspective of the ICANN community with regard to whether such review is necessary or warranted. Although properly within the scope of the GNSO’s mandate, Staff recommends that a PDP on the UDRP not be initiated at this time. However, if the GNSO Council nevertheless believes that the UDRP should be reviewed, Staff suggests an alternative approach for addressing this issue. After carefully evaluating the issues and concerns expressed by the ICANN community regarding the UDRP, Staff has concluded that many issues relate to process issues associated with the implementation of the UDRP, rather than the language of the policy itself. The GNSO Council should consider in lieu of commencing a PDP, convening a small group of experts to produce recommendations to improve the process or implementation of the UDRP policy as an initial step. If after consideration of such expert recommendations, there continues to be a desire to conduct a more thorough review of the UDRP, the GNSO Council could subsequently initiate a more focused PDP at that time.

This Report addresses the GNSO’s specific request for information on:

(1) How the UDRP has addressed the problem of cybersquatting to date, and any insufficiencies/inequalities associated with the process.

(2) Whether the definition of cybersquatting inherent within the existing UDRP language needs to be reviewed or updated.

This is an opportunity for the ICANN community to provide its views on the current state of the UDRP, and on whether a Policy Development process should be initiated to review the UDRP. This Report will be updated to reflect such feedback in the Final Issue Report to be presented to the GNSO Council after the closing of this public comment forum.

ICANN And INTERPOL Moots Internet Security

Internet Corporation for Assigned Names and Numbers (ICANN) and INTERPOL are well known names in international arena. Now both ICANN and INTERPOL have joined their forces to make Internet more safe and secure.

A landmark visit to INTERPOL's General Secretariat headquarters by top officials from the ICANN provided both international bodies with an opportunity to explore avenues for closer collaboration on Internet security.

With cyber-security, financial & high tech crime high on the agenda, talks between ICANN President and CEO Rod Beckstrom and INTERPOL Secretary General Ronald K. Noble focused on Internet security governance and enhancing common means for preventing and addressing Internet crime.

ICANN and INTERPOL officials have started exploring ways they can collaborate on enhancing Internet security. "The Internet has no borders, and neither do the criminals who exploit it. As the Internet's role in society continues to increase in scope and importance, it is vital for INTERPOL to help create bridges between the international law enforcement community it represents and ICANN in order to advance Internet security practices for the benefit to all," said INTERPOL Secretary General Ronald K. Noble

Noble then cited the points the global coordinator of domain and names and Internet protocol addresses and the international police organisation had in common. "Both organisations are international, both are politically neutral, and both are focused on the good of the world. Both also care about improving the security of the Internet for the future," he said.

ICANN representatives were similarly optimistic. "We recognise Interpol as an important international leader in this field...We are pleased by its expression of interest in joining the ICANN Governmental Advisory Committee as an observer," said ICANN President and CEO Rod Beckstrom.

Discussions at the meeting, the first of its kind between INTERPOL and ICANN, covered general issues of cyber security, and financial and high tech crime. Beckstrom and Noble particularly homed in on Internet security governance and the enhancement of common means for preventing and addressing Internet crime.

This is a good step in right direction and it would help in bringing some security in the otherwise insecure world of cyberspace.

The Truth Of Aadhar Project And UIDAI

Aadhar Project of India or Unique Identification Project of India (UID Project of India) is a real “Dangerous Project” that should not be there at the very first place. It is based upon Deceit and Deception and both Indian Government and Unique Identification Authority of India (UIDAI) are Hiding Truth from Indians. There is no Legal Framework, no defined Policies and Guidelines and most importantly no Procedural and Civil Liberty Safeguards.

Aadhar and UIDAI are just giving dreams and nothing more. How many poor people have been benefited from Aadhar Number so far? Practically none and none would be. Aadhar Project has many Deficiencies and Fallacies. Not only Aadhar and UIDAI are Illegal and Unconstitutional but they would also contribute to the E-Surveillance Powers of Indian Government.

From my experience so far, Aadhar is portrayed as a Welfare Scheme but is nothing more than a booty sharing for big companies and an E-Surveillance Instrumentality for Indian Government. I have personally E-mailed these concerns to Nandan Nilekani but UIDAI is not willing to hear anything.

Nandan Nilekani, Chairman of UIDAI, along with Planning Commission secretary Sudha Pillai, appeared before Parliament’s Standing Committee on Finance where many Members expressed their reservations about the Aadhar Project. Questions were asked about the need, non mandatory nature of the project, multiplicity of cards in India, etc.

Nandan Nilekani even failed to answer the simple questions posed by Committee. This is obvious as Nandan or UIDAI cannot answer the questions of Privacy Violation, real purpose of Aadhar, evil intentions of Aadhar etc.

In fact, through lobbying and pressure tactics Aadhar number has been made “Mandatory” for almost all Public Services. If Aadhar and UIDAI are that fair why are they making it mandatory? Let it be Optional and all those who desire to have it may opt for it. By imposing it upon Indians and clubbing it with essential Public Services the evil intentions of Aadhar are even more apparent. What is more surprising is that neither Indian Government nor UIDAI raised any objections to such arm twisting techniques and imposition of Aadhar Number for essential Public Services.

The Aadhar Project and UIDAI have hired public relation, media agencies and brand protection companies that are doing their level best to spread rumours about benefits of Aadhar number. If this is not enough, Google is Censoring critical views about Aadhar Project and UIDAI.

In my personal opinion, India is not yet ready for either Aadhar Project/UID Project or UIDAI. In fact, both Aadhar and UIDAI are “Highly Undesirable” at this stage. Aadhar and UIDAI must be preceded by a Constitutionally Sound Legal Framework and Parliamentary Oversight. Both of these are missing presently making it an “Unconstitutional Project”.

Constitutionally preparation of a Legislation/Bill is the duty of Indian Government and it must be passed by the Parliament of India. In this case, an authority like UIDAI is suggesting the Bill that (UIDAI) itself is devoid of any Constitutional Validity. Though there is nothing wrong if Private Individuals suggest such a Framework but its Adoption and Implementation must be serious. Ideally Indian Government must come up with its own Bill on Aadhar Project as even the Bill by UIDAI is mere “Eyewash” and does not make much difference. Even if it is passed by Parliament of India, the Unconstitutional Nature of the Aadhar Project and UIDA would remain the same.

I found it really surprising the way the Bill prepared by UIDAI was cleared by Cabinet and introduced in the Parliament. Many issues, including Profiling, Privacy Safeguards, Civil Liberties Protection, E-Surveillance, etc have been totally neglected by UIDAI and Cabinet and perhaps would be ignored by the Parliament of India as well.

The present exercise of taking Biometric Details of Indians is simply “Unconstitutional”. A Project and Authority without any Legal Sanction and Parliamentary Oversight cannot indulge in these activities on such a mass scale. I believe the Government of India is violating various Civil Liberties of Indian though Aadhar Project and UIDAI by making it, Directly and Indirectly, Relevant and Mandatory.

Initially, UIDAI said that Aadhar Number would be optional. Now District likes Mysore and many Banks and other Public Services Delivery Institutions have made UID Number Mandatory for various Public Services even though UIDAI claims it to be Optional. Practically UID never was, and never will be, Optional. This would have serious ramifications, both legal and otherwise.

There are great chances that Biometric Details of Indian would be shared with Intelligence Agencies of India and Law Enforcement Agencies of India. Projects like National Intelligence Grid (NATGRID), Crime and Criminal Tracking Network and Systems (CCTNS). Central Monitoring System (CMS), etc would love to utilise these Biometric Details.

In short, Aadhar Project of India is always portrayed as a Welfare Scheme. In reality, Aadhar Project and UIDAI have Evil Intentions. In fact, Aadhar Project and UIDAI are the Most Evil Projects of India till now. What is more surprising is why this E-surveillance and Big Brother Project has not been Scrapped by the Prime Minister’s office (PMO).But the real fault lies with the Parliament of India that is at fault for Abdicating its Legislative Duties under the Constitution of India.

I hope this article would not be Censored by either the E-Police State of India or Google so that Democratic Rights and Right to Speech and Expression can be freely exercised by us.

Thursday, May 26, 2011

Illegal Phone Tapping In India Under Scrutiny

Phone Tapping in India has been in controversies for long. Whether it is Illegal Phone Tapping by Private Individuals or Unaccountable Phone Tapping by Indian Government and its Agencies, Phone Tapping in India has never been smooth.

On the front of Legal Framework as well we have no Dedicated and Constitutionally Sound Lawful Interception Law in India. The Indian Telegraph Act, 1885 and other similar Laws are not in “Conformity” with the Constitution of India, especially Fundamental Rights of Indians. Even the Home Ministry of India is considering enactment of a Lawful Interception Law in India.

On the top of it we have Central Monitoring System of India (CMS of India). It is suffice to say that this Unconstitutional Phone Tapping in India and Illegal E-Surveillance in India is a “Constitutional Failure of India”. India urgently needs a Valid Phone Tapping Law.

Now the Central Government has shown some concerns regarding Illegal Phone Tapping happening openly in India. The Centre has asked the Government Agencies and State Governments to return all surveillance equipment. The Home Ministry of India has now issued directions in this regard.

All Central and State Monitoring Agencies have been told to return any GSM equipment used for illegal tapping of phones back to the Department of Telecommunications (DOT). A secret MHA advisory to all State Police Departments says there will be crackdown on private individuals as well, which means Corporate India is included.

A DOT advisory dated December 31, 2010 to return the illegally imported equipment had evinced a poor response. In fact, till six months ago, passive interception machines could be easily imported under the Open General Licence. It's now been placed in the restricted list.

The Department of Revenue Intelligence suspects there are over 1100 machines that have been imported in the past 3 years alone. But the exercise could be a shot in the dark as the end users of these machines are still being traced. In fact, an internal audit by the CAG of the NTRO had revealed that these machines were placed more frequently in cities rather then the international borders or even in naxal or insurgency hit areas - for which they were acquired. This has given rise to suspicion that they were being used for tapping political and corporate rivals. Let us see how effective these directions of Home Ministry would be in preventing Illegal Phone Tapping and E-Surveillance in India.

Wednesday, May 25, 2011

Income Tax Directorate of Criminal Investigation Of India

Black money and evasion of taxes has become a headache for Indian government. With the use of information technology, this problem has further been aggravated. With more and more money dealings and transfers are now done electronically, acquiring sound knowledge about computers and cyber forensics techniques is need of the hour.

Keeping all these developments in mind, the Income Tax Department of India is planning to revamp its tax collection mechanism. Among other crucial initiatives, there was also a proposal to create an Income Tax Directorate of Criminal Investigation (ITDCI).

The ITDCI will maintain a centralised repository of data collected from telephone and Internet intercepts, banking and market transactions, cross-border deals, ATM transactions, etc. The department will also develop cyber forensics capabilities and obtain latest forensics tools.

Finance Minister Pranab Mukherjee on Tuesday announced the setting up of the Directorate of Criminal Investigation in his inaugural speech at the two-day annual conference of I-T chief commissioners and director generals. It will locate crimes or criminals by tracing the movement of money before, during and after a crime. It will also strengthen the ongoing efforts of the department in dealing with issues of black money.

In order to meet the challenges of information technology in general and cyber forensics in particular, the directorate would comprise experts in financial and forensic investigations. It is expected to be notified this month.

The directorate’s creation is part of the Vision 2020 document, released in January, which mandates the I-T department to prepare a strategy to identify reasons behind tax evasions, and to keep tabs on money laundering, narcotics and terror activities.

Although this is a good step in the right direction yet its success depend upon the quality of the experts that would help ITDCI in achieving its purpose. Without good techno legal knowledge, ITDCI cannot succeed in India. Finance Minister Pranab Mukherjee must choose the experts very sensibly and strictly according to merit alone.

Tuesday, May 24, 2011

EU Commission Considers ODR For Cross Border Consumer Disputes

European Union (EU) has been on the forefront of using Alternative Dispute Resolution (ADR) and Online Dispute Resolution (ODR) as an effective alternative for court litigations. It has been launching various projects and schemes from time to time in this regard.

Recently EU Commission launched public consultation on the use of ADR as a means to resolve disputes related to commercial transactions and practices in the EU on 18 January 2011 and it officially ended on 15 March 2011. It aimed at gathering information on the use of ADR as a means to resolve disputes with traders, at seeking Member States and stakeholders' views on the difficulties identified and at looking into possible ways in which the use of ADR within the EU could be improved. The Commission received a total of 220 responses at end of March 2011.

Respondents from all categories showed a strong support for ADR schemes as an efficient alternative to in-court proceedings for consumer disputes. They underlined the importance of developing consumer ADR schemes to benefit both consumers and businesses and, overall, to improve the well-functioning of the internal market. Many respondents supported the improvement of ODR schemes for ecommerce transactions. Most Member States and stakeholders welcomed EU level action to enhance the functioning of consumer ADR schemes. A future EU action should take account of existing national schemes. It should strengthen coordination throughout Europe.

It was generally stressed that flexibility is an essential element of ADR schemes. All respondents agreed that efficiency, speed and low costs of ADR schemes are the main incentives for consumers and businesses to use ADR and to comply with its outcomes.

It was also conveyed that the voluntary nature of ADR for business and consumers should be preserved according to many Member States and business representatives. Respondents from consumers expressed a more favourable opinion for mandatory ADR, but only for traders and especially in highly regulated sectors.

Concerning the nature of ADR outcomes many respondents, including some Member States and ADR schemes, recalled that it may depend on the conditions of a specific market (e.g. highly regulated sectors). For several consumer representatives ADR outcomes should be binding for the trader. Most business respondents stressed that the parties should agree in advance whether or not ADR outcomes should be binding.

It was also felt that a fundamental condition to improve the use of consumer ADR schemes is to raise awareness of consumers and business. All involved parties should play their role, in particular public authorities and sector regulators. Existing EU networks (ECC-NET and FIN-NET) should continue to facilitate consumers' access to ADR and provide guidance on the use of ADR schemes, in particular for cross-border disputes.

Most respondents underlined that performing ADR schemes should be guided by a number of common principles, such as independence, impartiality, transparency and effectiveness. For consumer associations the principles of consumer ADR should be included in a binding instrument. Most replies indicated the importance of monitoring the functioning of ADR schemes in order to enhance their effectiveness and the use.

Most Member States and stakeholders focused mainly on ADR to resolve individual consumer complaints. A majority of businesses are not in favour of ADR dealing simultaneously with both consumer and SME complaints. They stressed that disputes of SMEs require a different treatment, which justifies excluding them from consumer ADR schemes. Some Member States seem also to favour a separate approach for consumer and SMEs complaints.

Respondents generally emphasised the importance of different sources to fund ADR schemes. All agreed that ADR should be low cost or free of charge for the consumer.

Some business and lawyers expressed concerns about over-simplifying a system for complex industries where disputes may arise, and said that a central legal framework would have to be established for it to work, while consumer groups warned against the language difficulties that could arise in a pan-EU system.

A majority of respondents believed that a single entry point or umbrella organisations could be very useful to provide consumers with information on and guidance to the appropriate ADR scheme at both EU and national level.

According to a large majority of respondents, imposing ADR as mandatory step before court may impinge on individual consumer's right to go to court. A few respondents considered that parties in judicial proceedings could be encouraged to use ADR for specific cases, notably for low-value complaints.

Most respondents suggested that ADR schemes can improve their reputation by providing clear, transparent information on how they operate; by highlighting cost-effectiveness; by publishing outcomes, and by providing a central hub for information to redirect people to other dispute resolution options.

While European countries and developed countries are adopting ADR and ODR to a great extent, ODR in Asian countries has not been successful. In the Indian context we have no ODR Policy in India. Even we do not have a Technology Dispute Resolution Policy of India. Now we at Perry4Law and Perry4Law Techno Legal Base (PTLB) have provided ODR Policy of India and Technology Dispute Resolution Policy of India. We hope this would be helpful for all concerned.

Technology Dispute Resolution Policy Of India

India has no policy framework for technology dispute resolution. At Perry4Law and Perry4Law Techno Legal Base (PTLB) we have been providing techno legal technology dispute resolution policies and strategies. We have been maintaining that online dispute resolution in India is the need of the hour.

However, ODR in Asian countries at large is not much popular and this includes India as well. Since there is no policy framework for ODR in India, Perry4Law and PTLB are providing the same here.

We have arranged and assembled all the possible information that we have shared with world at large in this piece of article so that individuals and international organisations like United Nations, United Nations Commission on International Trade Law (UNCITRAL), World Intellectual Property Organisation (WIPO), World Trade Organisation (WTO), etc can be benefited from the same.

Cross border technology transactions and dispute resolution is the latest trend in ODR. However, there are no international legal standards for ODR and international harmonisation of ODR is required as soon as possible. Similar is the situation regarding use of ODR for cross border e-commerce transactions.

There seems to be no effective coordination between UNCITRAL, ODR and India. Further, ODR in India is facing severe legal roadblocks that are preventing its growth in India. The Arbitration and Conciliation Act 1996 of India needs to be urgently amended to accommodate ODR, technology dispute resolutions, domain name dispute resolution, cyber squatting cases, cross border e-commerce transactions, etc. Even technological issues of intellectual property rights (IPRs) in India would require ODR mechanism.

The legal and judicial system of India needs innovative methods like ODR. At the same time, ODR is techno legal in nature and it requires ODR skill development and training for its proper utilisation in India.

All the abovementioned issues need to be formulated into ODR and technology dispute resolution policy of India. Law Ministry of India has proposed changes in the Arbitration and Conciliation Act 1996 and these suggestions can be incorporated in this same.

RBI Mandates Information Giving Of Strictures Passed Against Directors

Reserve Bank of India (RBI) has been streamlining the management of banking and financial institutions of India. It has taken many pro active steps in this regard. From prescribing a more stringent cyber due diligence policy for banks to mandating a requirement to appoint chief information officers (CIOs) and steering committee at the board level, RBI has taken many reformative steps.

In fact, cyber due diligence and banking due diligence could have prevented the recent Citibank fraud. The truth is that banks and financial institutions in India are not serious at all regarding cyber due diligence, cyber crimes, financial frauds and cyber security. Till now RBI’s guidelines on steering committee and CIOs have not been fulfilled by banks of India. Even RBI has recently imposed non compliance penalty upon 19 banks of India in another case.

However, despite all these actions, the higher management of banks have not been persuaded to take due diligence seriously. Now RBI has decided to change this position and it has asked banks to seek information from their directors on any adverse strictures passed by financial sector regulators against them.

This means if directors of banks are negligent in meeting various due diligence requirements, statutory obligations, cyber law and cyber security requirements, etc and any stricture is passed against them in this regard that would have to be reported.

RBI has also partially modified the format of “Declaration and Undertaking” prescribed for the purpose of conducting due diligence to determine the “fit and proper” status of directors. Banks should get information whether the director at any time come to the adverse notice of a regulator such as the Securities and Exchange Board of India (SEBI) and the Insurance and Regulatory Development Authority (IRDA) .

Henceforth, banks should obtain declaration and undertaking from existing directors and also persons to be appointed or elected as director. It is not necessary for a candidate to mention about orders and findings by regulators which have been later on reversed or set aside in toto. But they would have to make a mention of the same, in case the reversal and setting aside is on technical reasons like limitation or lack of jurisdiction and not on merit. If the order (of the regulator) is temporarily stayed and the appellate or court proceedings are pending, the same also should be mentioned, RBI added.

This is a good step in the right direction by RBI. This would bring not only discipline among the higher management but would also ensure statutory and due diligence compliances on their behalf.

Is DOT Bound By Policy Decisions Of TRAI?

Department of Telecommunications (DOT) and Telecom Regulatory Authority of India (TRAI) have been locking horns upon many Telecom Related Policy Issues. Of course, on some issues like allowing telemarketing companies to operate freely in India, both DOT and TRAI are concurring. Till now neither DOT nor TRAI has tried to stop Spam Communications in India.

However, there is a “Central Issue” as well that has become bone of contention between DOT and TRAI. The controversy revolves around the role of TRAI in suggesting policy issues.

Although this issue has been agitated by DOT in the past and a favourable reply was given by Law Ministry of India in favour of DOT yet the issue kept on resurfacing again and again. In fact, Solicitor General Gopal Subramanium in his legal opinion had said that DOT can change the terms and conditions of existing licences and the TRAI's recommendations were not binding on the Government.

However, TRAI got its own legal opinion in this regard from former Supreme Court Judge BP Jeevan Reddy and noted Lawyer Harish N Slave. Both were of the opinion that DOT cannot make any modifications to licences of existing mobile phone firms without consulting TRAI. Reddy and Salve had also said the DOT must review the opinion given by Gopal Subramanium.

Now DOT has decided to seek the opinion of Law Ministry once more. DOT would send both set of Opinions to Law Ministry and is expecting the Law Ministry to take a final call in this regard. In the interim period, it has also decided against acting on Gopal Subramanium's opinion.

This is a crucial issue as it would have a very important bearing upon the telecom decisions taken by DOT. For the larger interest of Telecom Sector of India, it is advisable that Law Ministry of India must take a “well informed and highly deliberated decision” in this regard.

US DOD And DHS Would Share Cyber Security Expertise

United States (US) is streamlining its internal and external Cyber Security Initiatives. First US formulated its International Strategy for Cyber Security and then it proposed an enhanced International Cooperation in this regard with emerging economies like India.

In fact, India and US are about to engage in a Homeland Security Dialogue that would be beneficial for both the countries. Issues like Cyber Crimes, Cyber Security, Anti Terrorism Cooperation, etc may be discussed in this dialogue.

However, US is not limiting itself to this level alone. It is strengthening its Internal National Infrastructure and Cyber Security Capabilities. It is even improving the relationships between its own Departments.

For instance, the U.S. Department of Defense (DOD) is sharing Cyber Security Information, Capabilities and Expertise with the Department of Homeland Security (DHS).

Under the plan, DHS would lead the effort to protect Americans, the nation’s Critical Infrastructure and the federal government’s computer networks. The DOD would retain protections over its “dot-mil” domain, but would work in close collaboration DHS and the Departments of Justice and Commerce to better safeguard Cyberspace.

Indian Ministry of Defence and Home Ministry of India must also forge similar coordination and collaborative efforts.

Monday, May 23, 2011

CBDT Can Continue To Request Phones Tap In India

Phone tapping in India has been in controversies recently. Whether it is phone tapping by private individuals or public distribution of tapped conversations, Indian government has been in controversies.

In a recent development, the Prime Minister’s Office (PMO) has authorised the Home Ministry to take the final call on the contentious issue of withdrawing the CBDT’s powers of phone-tapping.

Now it has been reported that the CBDT will continue to enjoy the power to request telephone tapping despite a strong recommendation by a Committee of Secretaries against it. However, it is not immediately clear the conditions the CBDT will have to fulfill before requesting the tapping of telephones of any individual.

Suggestions for removal of CBDT from the agencies that can request phone tapping were given believing that tax evasion cases neither have criminal liability nor any national security issue as these were only civil matters.

The panel recommended either removal of the CBDT from the list of authorised agencies that can request telephone interception as the income tax laws fall within civil jurisdiction and do not always impinge on the public safety or to specify stipulations regarding the extent of surveillance allowed to the agency, including the level at which requests are to be made for authorisation by the Home Secretary. However, we have still to deal with lawful interception law in India.

There is an urgent need to formulate effective and constitutional lawful interception law in India. Lawful Interception is a process that “Reconciles” the Law Enforcement requirements and Civil Liberties of a Nation. In the Indian context, we have no Lawful Interception Law in India. By Lawful Interception Law it means a “Constitutionally Sound” Lawful Interception Law and not the present “Self Serving Laws” of India like Indian Telegraph Act 1885.

If we have a clear cut law, this turf war between various Ministries of India can be avoided. Presently, phone tapping is not regulated by a clear cut and constitutional law.

Online Dispute Resolution In Asian Countries

Online dispute resolution (ODR) is an emerging dispute resolution mechanism. It uses information technology for effective and speedier dispute resolution. Online dispute resolution in India (ODR in India) is also gaining momentum but the pace of its growth and adoption is very slow.

Overall, the use of ODR in Asian Countries is not very good if we exclude few exceptional countries. Indian business environment is not great in the absence of suitable dispute resolution mechanism. The traditional litigation method of India is a real deterrent to bring foreign direct investments and foreign companies into India to do business.

Dispute resolution in cross border technology transactions is an area that has tremendous potential. However, ODR in India is facing many legal roadblocks that are preventing India from deriving benefit out of such disputes. There is an urgent need of International harmonisation of ODR norms and standards.

At the International Level, United Nations Commission on International Trade Law (UNCITRAL) is working in the direction of providing a “harmonised legal framework” for ODR. There are very few “ODR Providers” in India and, unfortunately, none of them are part of the recently constituted “Working Group on ODR” of UNCITRAL. This would “drastically reduce” the changes of “adequate and forceful representation” to be made to the Government of India for suggesting use of ODR in India.

Even the alternative dispute resolution (ADR) mechanism of India needs suitable rejuvenation. For instance, the Arbitration and Conciliation Act 1996 of India needs an urgent amendment to make it conducive for effective and speedier alternative dispute resolution in India.

While the European countries and developed countries are adequately utilising ODR yet Asian countries and developing countries are lagging far behind. If India wishes to be a global hub for ADR and ODR, it has to work really hard in this direction.

Sunday, May 22, 2011

India Is Becoming A Hub For Spam Communications

India is becoming a hub for Spam communications these days. Whether it is telemarketing or Spam e-mails, Indian share of this Unsolicited and Privacy Violating communications is increasing fast.

Thanks to our Department of Information Technology (DIT), Department of Telecommunication (DOT) and Telecom Regulatory Authority of India (TRAI) that actively “Support and Encourage” these Tele Marketing Companies and Spam Producing Companies through abstaining from taking any action against them.

The Telemarketing and Spam Lobby is very powerful and that is preventing the DIT/DOT/TRAI from taking a pro active action in this regard. Further, India has no Privacy, Data Protection and Data Security Laws.

Even the Cyber Law of India, incorporated in the Information Technology Act 2000 (IT Act 2000), is useless in this regard. Further, almost all the Cyber Crimes in India are “Bailable” hence there is “No Deterrence” at all for Telemarketing and Spam Companies. Even the Telecom policy of India is not appropriate in this regard.

With an increased penetration of Wireless and Broadband Connections in rural and other sub urban areas of India, things would be more complicated. There is an urgent need to “Streamline” various issues that have been totally neglected so far.

GPS Based Tracking For Strauss Kahn While On Bail

GPS based tracking has become a trend these days. In US some Indian students were forced to wear GPS based devices till they were deported back to India. Similarly, the Haryana police proposed use of the same for criminals convicted of heinous crimes like murder while releasing them on parole or for some exceptional reasons.

Now the latest to add to this series is the former IMF chief Dominique Strauss-Kahn who would be wearing a GPS-equipped ankle bracelet tracking his every move. This is a part of his terms of release by a New York judge on $1 million bail. These GPS devices are capable of providing a minute-by-minute log of a wearer’s movements.

The GPS based devices can provide accurate information of their wearers. Their settings can allow the observers to watch the movements of wearer within feet to within yards.

Meanwhile, Strauss-Kahn will plead not guilty in the court. French interior minister said on Sunday France would support any request from Strauss-Kahn to serve jail time back home if he is convicted in New York.

GPS based monitoring has both positive and negative sides. On the negative side it has privacy violation issues whereas on the positive side it meets the needs of law enforcement adequately.

Let us see how GPS base monitoring devices would be used for legal and judicial purposes in India.

Parliamentary Standing Committee On IT Angry With DOT

Second generation (2G) spectrum irregularities took entire India for a shock. Even an entire session of Parliament of India was wiped out protesting against 2G scam and for raising a demand for formulation of a Joint Parliamentary Committee (JPC).

After much discussions and protests, a JPC was constituted that finished its enquiry. Simultaneously, Parliament's Public Accounts Committee (PAC) also submitted its report in this regard.

Now the Parliamentary Standing Committee on Information Technology has found the Department of Telecom (DoT) guilty of not cancelling 74 licences for the Unified Access Services (UAS) as recommended by the Telecom Regulatory Authority of India (TRAI). It suspects something basically wrong with DoT in favouring the defaulters instead of punishing them.

The defaulter companies include those who were given licences tweaking the rules and who are now facing the CBI probe. The committee is understood to have noted in its report that the telecom firms that faulted in rolling out the services should have been dealt with sternly.

Meanwhile, Minster of Department of Information Technology and DoT Kapil Sibal has decided to streamline the telecom policy of India. The current national telecom policy of India was badly drafted and dishonestly implemented. After the 2G scam a need was felt to have a new telecom policy for India. In this background, the national telecom policy of India 2011 was proposed.

Further, a draft National Frequency Allocation Plan (NFAP) of India 2011 has also been proposed to effectively utilise the scarce frequency of India. Kapil Sibal is definitely doing a good job in bringing order in the otherwise chaosed Indian telecom world.

Glendora Police Department Is Using Innovative Methods

Law enforcement agencies around the world are increasingly using information technology for efficient law enforcement delivery. In India as well projects like crime and criminal tracking network and systems (CCTNS) has been proposed by Home Ministry of India. Even projects like national intelligence grid (Natgrid) have been suggested by Home Ministry.

Further, a proposal to establish a system where first information reports can be filed online has also been proposed. However, till now all of these are just proposals and not even a single project has been implemented in India.

Law enforcement agencies of India are still afraid of information technology related issues like cyber law and use of computers and other technological instruments. Of course, they are catching up with the new technology but the pace is very slow.

The Glendora Police Department has launched a new feature on the Glendora Police Department's website. Now anyone who has access to a computer can see the calls that come into the police department in almost real time.

A department official said keeping the public informed about police activities serves two purposes. On one hand, he hopes it will reduce the work load for his employees. If people can see why a police helicopter is circling overhead with a few mouse clicks, they'll be less likely to flood police dispatchers with calls asking `why,' so the thinking goes.

On the other hand, it satisfies people's growing appetite for non-stop information. To that end, the department has also created its own online crime-mapping system. The official said there are also some big changes in store for the website, including an online log that shows whom the department has arrested.

And the Glendora Police Department isn't the only agency responding to that need. The Los Angeles County Sheriff's Department has taken a huge leap into the Information Age in the past year and a half.

I hope Indian law enforcement agencies may also take a leaf out of these activities from their foreign counterparts. Although electronic delivery of services in India has been proposed yet it is far from being actual implementation. Let us see how our law enforcement agencies would perform in future.

Saturday, May 21, 2011

Electronic Service Delivery In India Proposed

One of the main problems with Indian e-governance initiatives is that mandatory electronic delivery of services is missing in India. We have no mandatory e-governance services framework in India. Till now there is no provision under which citizens could ask for mandatory electronic delivery of services from the Indian government.

However, with the proposed draft Electronic Delivery of Services Bill 2011 (EDS Bill 2011) Indian government has for the first time shown its willingness to provide e-governance services in India. However, the real problem with Indian e-governance initiatives in general and proposed ESD Bill 2011 in particular is that legal framework for mandatory electronic services delivery in India is still missing from it.

The Department of Information Technology (DIT) of the Central Government has, through a written communication, sought suggestions of the State Government on the draft Electronic Service Delivery Bill-2011.
The proposed ESD Bill 2011 would make it mandatory for all government departments to deliver public services in electronic mode within a stipulated period of time.

As per the ESD Bill 2011, it would be required by all government departments to identify the basket of citizen centric services to be delivered through electronic means alongwith the stipulated timelines and service levels for each service. Each department would have to fix the timelines for mandatory electronic service delivery. However, no department would exceed a cutoff date fixed for the country. Its benefits would include efficient, transparent and reliable delivery of web enabled public services in a definite and time bound manner to citizens, thereby transforming Governance.

The implementation of the Act would be monitored by Electronic Services Delivery Commissions to be constituted at both Central and State levels. The ESD Bill 2011 has been proposed as a direct consequence of the e-delivery of public services development policy loan by the World Bank.

Recently the World Bank and Indian government signed a loan agreement of $150 million for the e-delivery of public services in India. The loan has been granted as the e-delivery of public services development policy loan to be utilised under the national e-governance plan of India (NEGP). However, till now neither a policy nor a legal framework has been established by India in this regard.

CBI Director Stresses Upon Technology Awareness Among Bank Officers

Recently the third conference of chief vigilance officers (CVOs) of public sector banks and financial institutions was held at the new central bureau of investigation (CBI) headquarters building. The director of CBI Shri Amar Pratap Singh advised the CVOs of banks and financial institutions to adapt to changing technology and sensitise staff to new methods of frauds.

Delivering the Key Note Address, Director CBI Shri Amar Pratap Singh said that CBI’s role is to investigate the criminality in bank frauds and it does not interfere in cases of prudent commercial judgement, even if such decisions involve risks or have resulted in losses to banks.

The Director, CBI called upon banks to adapt to changing technology and to sensitise its officers to new methods of fraud which are of late, noticed in electronic payments, technology related payments like RTGS, Credit Cards, ATM, Cell Banking, Internet Banking etc. Director CBI said the Banking Sector has lost as much as Rs.1883 crore and Rs. 2017 crore during 2008-09 and 2009-2010 respectively. These include over 200 frauds of above Rs One crore during each year.

Shri A.P. Singh stated that banking officials are guiding Investigating Officers in scrutiny of financial statement, credit appraisal etc which has enhanced the professionalism of CBI, in detecting bank frauds.

The Conference discussed important issues such as Preventive Vigilance, E-Tendering/E-Procurement and Forensic Auditing. The services of bank officers are being utilised in various branches of CBI such as Bank Security and Fraud Cell, Economic Offences Unit and Anti Corruption Units in the CBI Headquarters as well as regions.

The call from CBI director came after G Gopalakrishna, the executive director of Reserve Bank of India (RBI) said that all Banks would have to create a position of Chief Information Officers (CIOs) as well as Steering Committees on Information Security at the Board Level at the earliest. The idea is to use information technology to the maximum possible extent while maintaining the cyber security of banks.

While RBI and CBI have done a great job yet banks and financial institutions in India are not taking these directions and recommendations seriously. Till now the directions of RBI to appoint CIOs and steering committee has not been followed by banks of India. Similarly, banks of India are also at fault for ignoring the cyber security requirements. The RBI has even said that mobile banking in India is not yet popular due to low adoption of technology by banks. Let us hope the banks and financial institutions would take cyber law, cyber crimes and cyber security issues seriously very soon.

UK Looking Forward For Cyber Crimes Fighters

Till now it is an established fact that government of any nation by itself is not capable of dealing with cyber crimes and cyber security related issues. This is the reason why public private partnerships (PPP) is often adopted as a model to enhance capabilities of various national governments.

Further, contests and tournaments are also good source of talent mobilisation. For instance, the UK’s computer security industry has been conducting a series of games and tournaments to acquire fresh talents that can fight against the growing cyber crimes in UK.

UK will launch the Cyber Security Challenge next week that would bring out the best brains in the cyber security industry and common people. The search for new cyber security professionals follows warnings from chancellor George Osborne earlier this month, that government offices such as the Treasury were being bombarded with cyber attacks on a daily basis.

The government allocated £650m additional funding to fight cyber crime last autumn, indicating how tacking online crime had become a priority issue. However, 99 per cent of computer security companies surveyed last year said they could not recruit enough people for the work they were doing.

This is not a UK specific problem. In India as well Indian companies are finding it difficult to get talented workforce in IT field. Keeping in mind the international trend, India urgently needs to upgrade its skill development initiatives. There is an urgent need to develop techno legal skills development initiatives in India. Further, ICT skill development initiatives are also urgently required in India. There is also a need to club skill development and technical education in India.

Cyber security is an area that has not received much attention of Indian policy makers. Even private companies and industry is looking forward for skilled workforce in India. It is high time for India to invest in cyber security both in terms of technology and capacity development.