Tuesday, May 31, 2011

Google News Censorship Increased Further

Google has been censoring news results for long. While censoring of unique identification authority of India (UIDAI) related posts is a very regular feature yet censorship and filtering of news regarding international organisations like World Bank and world intellectual property organisation (WIPO) is the latest trend.

For some strange reasons the article titled WIPO patent committee discussed tech transfer and public health has been filtered twice. There is no technical error and webmaster tool of Google is also not showing any error. Even the novel excuse of Google news server 503 error is also missing.

Google has been in controversies from time to time. Whether it is illegal data gathering, censorship of Google news searches, manipulation of search results, etc, Google has been doing it all.

Further, Google has been censoring critical web posts regarding Aadhar project of India and unique identification authority of India (UIDAI) for the past two or more years. Further, it has also temporarily filtered some of our posts questioning the practice of World Bank to grant unaccountable loans to countries like India. Further, international loans and grants related posts questioning the role of World Bank and Indian government are also poorly placed in search results.

It is not clear why Google is doing so. But it would be safe to presume that Google is doing this to safeguard its own commercial interests in India even if means violating civil liberties of Indians. The draconian cyber law of India has finally started showing its true nature. Let us see what is waiting for us in future.

Sunday, May 15, 2011

Cyber Command And Control Authority Of India

Cyber security is an issue that has always been ignored by India. As a result, cyber security of India is in a poor condition. Cyber security is not mere formulation of policies but their actual implementation. At this level of implementation, Indian government fails miserably as it lacks the techno legal skill necessary to implement cyber security policies.

India needs skilled techno legal professionals who can implement the cyber security policy of India. As a matter of fact, till now we have no cyber security policy in India and we need to formulate a good one as soon as possible.

India must formulate effective Preventive and Offensive Cyber Capabilities to safeguard its Cyberspace and Critical Infrastructure, suggests Praveen Dalal, managing partner of New Delhi based techno legal firm Perry4Law and leading techno legal expert of India. India must develop Cyber Warfare Capabilities as soon as possible, suggests Dalal.

There is no doubt that Indian national security must have information warfare as an essential component. Taking clue from various suggestions of techno legal experts of India, the Manmohan Singh government is in the process of establishing a cyber command and control authority for India. This would be a centralised mechanism that would be placed under the National Security Adviser who reports to the PM.

This is a good step in the right direction, says Dalal. This was a much needed initiative that has, at last, got the attention of Indian Government. The only thing that remains to be seen is how effectively this initiative would be handled by Indian Government, says Dalal. Let us see how the National Security Adviser would proceed with this initiative.

Wednesday, May 11, 2011

Does World Bank Ensures Accountability To Its Loans?

I wrote a critical article titled “Does World Bank Sees What Happens To Its Loans?. For some strange reasons, this article of mine was censored by Google. Of late Google has been censoring views and opinions that are critical to Indian government. For instance, articles on Aadhar project and UIDAI are frequently censored by Google. Thanks to the draconian cyber law of India, this is now possible without following any due process in India. I am reposting this article so that Google can censor it one more time and I can repost it once again.

Loans are granted by international organisations and institutions for the development of a nation. But it is a rare occasion when such loans are actually utilised for the development of such nation. On the contrary, such loans just ensure the personal development of ministers and bureaucrats and common man never receives the benefits of such loans or grants.

Recently the World Bank and Indian government signed a loan agreement of $150 million for the e-delivery of public services in India. The loan has been granted as the e-delivery of public services development policy loan to be utilised under the national e-governance plan of India (NEGP). However, the bigger question is would this loan be utilised for the benefit of common man?

Keeping in mind the past record, the answer seems to be in negative. India has a poor track record of e-governance utilisation and providing of electronic delivery of services in India. We have no legal enablement of ICT systems in India and legal framework for e-delivery of services in India is also missing. In fact, as per e-governance experts of India, e-governance in India is dying. Without a mandatory e-governance services in India, e-delivery of services in India cannot be achieved.

According to Praveen Dalal, managing partner of New Delhi based law firm Perry4Law and leading techno legal expert of India, “The Government and Indian Bureaucrats need to change their mindset and stress more upon outcomes and services rather than mere ICT procurement. India needs a services-based approach that is not only transparent but also backed by a more efficient and willing Government. Presently the Bureaucrats and Government of India are in a “resistance mode” towards novel and effective e-governance policies and strategies and they are merely computerising traditional official functions only. This is benefiting neither the Government nor the citizens and is resulting in wastage of thousands of crores of public money and United Nations Development Programme (UNDP) and World Bank Grants amount”.

“The Governmental will and leadership is missing in India. To worsen the situation the Government of India is concentrating more upon the image rather than upon the end results. The grassroots level action is missing and the benefits of ICT are not reaching to the under privileged and deserving masses due to defective ICT strategies and policies of Indian Government. India is suffering from the “vicious circle” of defective e-governance, as the basic input .i.e. governance itself is poor. India needs a “virtuous circle” of e-governance through good governance that would have multiplication and amplification effect upon e-governance efforts of Indian Government, says Praveen Dalal.

E-delivery of public services in India is missing and World Bank is not at all interested in establishing transparency and accountability in Indian NEGP. World Bank must ensure accountability of Indian NEGP in order to show that its loans are actually meant for growth and development of Indian masses rather than benefiting few politicians and bureaucrats as is happening right now.

The loans granted by World Bank must be tied up and accountable loans. These loans must be tied up with performance and achievement and must be released in stages only. Once the first stage is accomplished satisfactorily then only the next stage loan must be given.

However, neither World Bank nor Indian government is in a mood to actually utilise the granted loans for the betterment of Indian masses. Why and for whom these loans are granted would always remain a big question.

Intellectual Property Rights Services In India

Intellectual property rights in India (IPRs in India) need no introduction. These include areas like copyright, trademarks, patents, geographical indications, semiconductor protection, domain name protection, etc. Even IPRs services of India are world renowned. We have professionals and firms that are world renowned for providing world class IPRs services in India.

However, today’s IPR environment has become techno legal in nature. IP Professionals of India must be well versed with both technical and legal aspects of IPRs. Technological issues of IPRs in India are difficult to understand and apply. Cyber crimes are affecting IPRs like trade secrets and data protection severely. Techno legal IPR skill development in India is the need of the hour.

Similarly, legal process outsourcing in India (LPO in India) and knowledge process outsourcing in India (KPO in India) pertaining to IPRs is also required to be tuned up. LPO and KPO is no more a simple clerical work. They now require expertise that very few firms can provide.

Perry4Law and Perry4Law Techno Legal Base (PTLB) specialise in Techno Legal IPR Services. Further, PTLB is also managing the exclusive techno legal IPR LPO and KPO of India. PTLB is also providing exclusive techno legal ICT and IPR skill development in India.

While the IPR field is thriving upon innovation yet IPRs service providers are themselves have to be more innovative to cater the service requirements of these IP owners. PTLB manages one such resource that provides innovative IPR LPO, KPO and techno legal services to clients worldwide.

If you are interested in the techno legal intellectual property rights services in India and abroad, keep a close watch upon the IP Blog of PTLB. The Blog is covering areas like copyright, trademarks, patents, traditional knowledge, semiconductor industry, geographical indications, etc.

Further, if you are interested in great IPR LPO and KPO services in India and world wide, Perry4Law and PTLB are the number one choice. In short, Perry4Law and PTLB provide world class intellectual property rights services in India.

Tuesday, May 10, 2011

Self Defence And Deterrence In Indian Cyberspace

Self defence in cyberspace may be exercised either against private individuals or against government and its agencies. In both cases, a well established self defence infrastructure must be established at the governmental and individual levels. India urgently needs a proactive self defence mechanism in cyberspace to effectively tackle private and governmental cyber intrusions.

Any government agency of India can tap your phone or engages in e-surveillance of your e-mails and other electronic communication without a constitutionally sound law. We have no constitutionally sound lawful interception law in India and phone tapping and e-surveillance in India are done in an illegal and unconstitutional manner.

India is the only country of the World where Phone Tapping and Interceptions are done without a Court Warrant and by Executive Branch of the Constitution of India, informs Praveen Dalal, managing partner of New Delhi based exclusive ICT law firm Perry4Law and leading techno legal expert of India. Phone Tapping in India is “Unconstitutional” and the Parliament of India has not thought it fit to enact a “Constitutionally Sound Law” for Phone Tappings and Lawful Interceptions. Even the Supreme Court’s directions in PUCL case have proved futile and presently the Court is dealing with the issue once more, informs Dalal.

Of all e-surveillance project, nothing is worst than the Aadhar project of India and its implementing unique identification authority of India (UIDAI) headed by Nandan Nilekani. Irrespective of what Nandan Nilekani and Indian government says, Aadhar project and UIDAI are serving a very vicious, evil and nefarious objective of e-surveillance without procedural safeguards. Surprisingly, even Google is censoring results pertaining to Aadhar project and UIDAI and is messing up with search placement results.

India has an exclusive Techno Legal Centre for Protection of Human Rights In Indian Cyberspace (HRPIC). Indian Government must maintain a “Delicate Balance” between National Security requirements and Protection of Fundamental Rights, suggests Dalal.

However, expecting this type of fair and honest behaviour from Indian government and its agencies would itself be unfair. Indian government is least bothered to protect human rights in cyberspace of Indian netizens. Even United Nations (UN) has failed to take notice of this serious situation.

The exercise of self defence against Indian government and its agencies seems to be the only option especially when the Parliament of India has abdicated its role of law making and parliamentary oversight.

Tuesday, May 3, 2011

Technology Arbitration In India

Both technology related and technology assisted arbitrations in India are rare. Cyber arbitration in India and cyber arbitration and mediation centers in India is difficult to find in India. In fact, we have a single techno legal technology arbitration and mediation centre in India.

Recently World Intellectual Property Organisation (WIPO) has revealed in a statement that cyber squatting has increased significantly. Now the problem in India is that we have no domain name protection law hence securing domain name protection in India is a very tedious job. Further, there are very few individuals and institutions that provide domain name dispute resolution services in India or technology related dispute resolution services in India.

Perry4Law Techno Legal Base (PTLB) is the premier techno legal segment of exclusive techno legal ICT law firm of India Perry4Law. It is providing techno legal online dispute resolution services. Further, it is also managing the exclusive e-courts training and consultancy center of India.

We have to invest in adequate skill developments in India regarding ODR and e-courts as most of the technology related disputes would be solved through theses mediums only in the future.

Monday, May 2, 2011

Electronic Banking In India

This is the updated version of my previous article on same topic. Electronic banking in India or e-banking in India is increasingly being used by both banks and customers alike. This brings mobility and convenience to both banks and customers. However, with the benefits there are drawbacks of e-banking as well. This article addresses some of these concerns.

Reserve Bank of India (RBI) has come across many complaints and disputes regarding fraudulent credit card, online banking and ATM transactions. Even phishing incidences have sharply arisen in India resulting in loss of money of public at large. RBI ombudsmen office has been flooded with such complaints.

In these circumstances, online banking in India is risky. We have no e-banking laws in India and this also makes the mobile banking in India risky. Even RBI has acknowledged risks of e-banking in India.

E-banking in India cannot succeed till a strong legal framework in this is enacted. According to Praveen Dalal, managing partner of New Delhi based law firm Perry4Law and leading techno legal expert of India, we have no dedicated E-Banking Law in India. Although, RBI has issued many guidelines in this regard and even our Information Technology Act, 2000 contains some indirect and implied provisions for Internet or E-Banking yet we need a separate and dedicated law in this regard, opines Praveen Dalal.

Recently, G Gopalakrishna, the executive director of RBI, said that all Banks would have to create a position of Chief Information Officers (CIOs) as well as Steering Committees on Information Security at the Board Level at the earliest, informs Dalal. This step was taken to ensure proper Cyber Security Policies and Strategies at the highest Board Level of Banks, says Dalal.

Although RBI has mandated cyber due diligence for banks in India especially the due diligence for banks under IT Act 2000 yet banks have still to keep their functions in order. Indian banks are poor at cyber security and they are in no mood to appoint CIOs and steering committee.

Recently the final report of working group of RBI on Information Security, Electronic Banking, Technology Risk Management and Cyber Frauds has been released. It has prescribed the time limits for implementation of RBI recommendations on information security. With the deterrent approach of RBI towards non compliance, it would be safe to presume that CIOs, steering committee and cyber security related compliances would also be taken seriously by RBI.

It is high time for banks operating in India to keep their e-banking infrastructure technologically and legally sound. The best option for banks seems to be to adopt Techno Legal Measures that covers both Technical and Legal aspects of Banking, suggests Dalal.

Sunday, May 1, 2011

Implementation Of RBI Recommendation On Information Security

The forming of Working Group on Information Security, Electronic Banking, Technology Risk Management and Cyber Frauds by Reserve Bank of India (RBI) was a landmark step taken by RBI. Equally impressive was the imposition of penalty upon 19 commercial banks by RBI for non compliance of prescribed standards.

This shows that RBI is not tolerating the causal and non compliance attitude of commercial banks in India. It would be even better if RBI is equally concerned about non compliance of the recommendations regarding adoption of information security related policy and infrastructure.

For instance, the report of working group has recommended that all banks would have to create a position of chief information officers (CIOs) as well as steering committees on information security at the board level at the earliest. Till now these recommendations have not been complied with. Further, Indian banks are also poor at formulating and implementing cyber security policies.

Now the RBI has issued a notification for the implementation of the recommendations of its working group. The group examined various issues arising out of the use of information and communication technology (ICT) in banks and made its recommendations in nine broad areas. These areas are IT Governance, Information Security, IS Audit, IT Operations, IT Services Outsourcing, Cyber Fraud, Business Continuity Planning, Customer Awareness programmes and Legal aspects.

The report was placed on the RBI website on January 21, 2011. Subsequently, on February 1, 2011, views/comments of all stake-holders and the public at large on the Report were invited. After taking into account various responses, final guidelines in the respective areas as mentioned above are now being issued to banks for implementation.

The guidelines are not “one-size-fits-all” and the implementation of these recommendations need to be risk based and commensurate with the nature and scope of activities engaged by banks and the technology environment prevalent in the bank and the support rendered by technology to the business processes. Banks with extensive leverage of technology to support business processes would be expected to implement all the stipulations outlined in the circular. For example, banks which do not offer transactional facilities in internet banking would not be required to implement specific measures for transactional internet banking facility outlined in the guidelines. Further, various instructions in “IT operations” chapter like detailed configuration management practices may not be necessary for banks that do not develop or maintain critical applications internally, though such practices may be expected from the external vendor providing such services.

The group had endeavored to generate self-contained and comprehensive guidelines. This has resulted in reiteration of certain guidelines already prescribed by RBI, for example, in certain areas relating to information security, outsourcing, BCP and IS Audit. However, there are certain guidelines like the checklist for computer audit prescribed in the year 2002 which on the whole cannot be ignored since the nature of coverage is different. In the event of a direct conflict with an earlier guideline, the new guideline would be the basis for implementation by banks. Else, the relevant guidelines prescribed earlier would be an adjunct to the present guidelines issued herewith. It would be the endeavor of RBI to develop the enclosed guidelines as a Master Circular incorporating relevant old and new circulars on related subject areas in due course. In the event of any further clarifications in the matter, banks may approach RBI for further guidance.

The Group’s report was largely technology neutral except in exceptional circumstances where a specific technology/methodology may be suggested due to legal reasons or for enhanced security or for illustrative purpose. It is clarified that except where legally required, banks may consider any other equivalent/better and robust technology/methodology based on new developments after carrying out a diligent evaluation exercise.

Banks may have already implemented or implementing some or many of the requirements indicated in the circular. In order to provide focused project oriented approach towards implementation of guidelines, banks would be required to conduct a formal gap analysis between their current status and stipulations as laid out in the circular and put in place a time-bound action plan to address the gap and comply with the guidelines. However, banks need to ensure implementation of basic organizational framework and put in place policies and procedures which do not require extensive budgetary support, infrastructural or technology changes, by October 31, 2011. The rest of the guidelines need to be implemented within period of one year unless a longer time-frame is indicated in the circular. There are also a few provisions which are recommendatory in nature, implementations of which are left to the discretion of banks.

Given the fact the guidelines are fundamentally expected to enhance safety, security, efficiency in banking processes leading to benefits for banks and their customers, the progress in implementation of recommendations may be monitored by the top management on an ongoing basis and a review of the implementation status may be put up to the Board at quarterly intervals. Banks may also incorporate in their Annual Report from 2011-12 onwards broadly the measures taken in respect of various subject areas indicated in these guidelines.

The measures suggested for implementation cannot be static. Banks need to pro-actively create/fine-tune/modify their policies, procedures and technologies based on new developments and emerging concerns. Reserve Bank of India would review the progress in implementation of the guidelines in its Quarterly Discussions with banks and would examine comprehensively the efficacy of implementation of the guidelines commensurate with nature and scope of operations of individual banks from the next AFI cycle (for the period 2011-12) onwards.