Saturday, December 22, 2012

Legal Firms In New Delhi India

Legal field around the world is growing. Law is a very complicated and vast area and with the amalgamation of information and communication technology (ICT), law has taken a new shape.

New areas like cyber law, cyber forensics, cyber security, e-discovery, e-commerce, etc have been emerging. However, there are very few legal institutions that cover these technical areas of law. The fact is that law is today a techno legal filed where both technical and legal fields have merged.

Naturally, finding good techno legal firms in India and other parts of the world is really tough. Many have expressed the opinion that there is an urgent need to have a comprehensive Indian law database that can serve the legal requirements of various stakeholders.

The good news is that Perry4Law and Perry4Law’s Techno Legal Base (PTLB) have provided the exclusive techno legal database of Indian law firms. As on date, it is the most comprehensive laws and law firms’ database of India that is really handy for various stakeholders.
For instance, if you are looking for a cyber law firms in New Delhi India, the platform of Perry4Law and PTLB would provide you a link of the same where not only details about Indian cyber law firms would be provided but also legal position of cyber law and related fields would also be discussed there.

In short not only details about various law firms would be there but also brief discussion about the respective field would be provided so that basic level legal information is available to the reader or viewer. You can see the law firms in New Delhi India segment of Perry4Law and PTLB for more information.

The platform main objective is to provide comprehensive and holistic information to the readers and viewers about the initiatives of Perry4Law and PTLB. Further, relevant links have also been provided so that readers can have a readymade reference resource at their disposal.

Gradually, the platform would cover diverse techno legal fields as are managed by Perry4Law/PTLB and other firms. This is a really ambitious and useful initiative and it is certainly going to be really useful for both national and international stakeholders.

Friday, December 21, 2012

National Cyber Security Policy Of India

The recent cyber attacks upon India have proved once again that we need to pay more attention to cyber security in India. Cyber security in India is required not only to protect sensitive information stored in the computers of strategic Indian departments and ministries but also to safeguard the present and future critical infrastructure of India.

Not only critical infrastructure protection in India is needed but also critical ICT infrastructure protection in India (CIIP in India) is need of the hour. CIIP in India is an area that requires urgent attention of our policy makers. We must formulate a critical ICT infrastructure protection policy of India as soon as possible.

Similarly, cyberspace crisis management plan of India is also required to be formulated. We must formulate a national ICT crisis management plan of India. Further, Indian crisis management plan against cyber attacks and cyber terrorism must also be formulated.

All these, and many more, aspects must be made a part of the cyber security policy of India. A national cyber security policy of India must be formulated in this regard that is made implementable after a reasonable period. Issues like cyber warfare, cyber terrorism, cyber espionage, international cyber security cooperation, etc must be part of the same.

We need a clear and implementable cyber security strategy of India. The cyber security policy and strategy of India must be techno legal in nature that can take care of both technical and legal aspects of cyber security.

There is no second opinion that national security policy of India is required and cyber security is an essential and indispensable part of the same. The sooner we formulate and adopt the same the better it would be for the larger interests of India.

Source: ICTPS Blog.

Cyber Security Policy Of India

Cyber security in India has not received the attention of Indian policy makers. As a result India has witnessed many sophisticated cyber security attacks against its computer systems operating at crucial departments and places from time to time. Even the terrorists are using technology to further their nefarious objectives in India. The problem is that Indian government, like any other government, is not capable of tackling cyber security issues single handedly. It needs private sector support to achieve this task.

According to Praveen Dalal, Managing Partner of the exclusive techno-legal cyber security research and training centre of India (CSRTCI), cyber security in India needs an urgent rejuvenation. He informs that till now Indian government has not thought it fit to consider cyber security as a part of National Policy.

It is obvious that India is finding it difficult to gather necessary cyber security expertise and this is resulting in a weak cyber security. Fortunately, private initiatives like CSRTCI are bridging the much needed gap of cyber security in India. The centre is providing techno-legal solutions for areas like cyber law, cyber security, cyber forensics, cyber terrorism, cyber espionage, critical ICT infrastructure protection, cyber war, etc. It is also providing techno-legal solutions for Indian projects like CCTNS, Natgrid, NCTC, etc.

CSRTCI also maintains a “repository” of software and tools for areas like cyber security, cyber forensics, penetration testing, malware analysis, encryption, stegnography, etc. It also maintains a rich techno-legal literature, articles, databases, etc for ready reference.

However, the most important and crucial achievement of the CSRTCI is that it has an “Exclusive Techno-Legal Software Repository” and research literature. It also has expertise for “aggressive defence” and human rights protection in cyberspace. In short, it is a single place destination for the techno-legal cyber security and allied fields.

The government of India and private sector of India must concentrate upon cyber security as soon as possible. Further, there is an emergent need to make proper amendments in the otherwise impotent, weak and ineffective cyber law of India. The increasing cyber crimes in India is also attributable to the “welcoming law” of India incorporated in the information technology act 2000 that instead of deterring the cyber criminals is in fact encouraging them to indulge in cyber crimes.

Source Legal Enablement Of ICT Systems In India.

National Cyber Security In India

Cyber security of India is ailing from various drawbacks. As a result India has not been able to fully capatilise the benefits of cyber security. There is no doubt about the proposition that cyber security in India must be improved urgently.

Although everybody talks about improving cyber security in India yet none provides the formula to do so. The safest and surest formula to strengthen Indian cyber security is to formulate an effective and robust cyber security strategy and policy of India.

India has another very compelling reason to ensure robust and resilient cyber security. The critical national infrastructure of India cannot be safeguarded from cyber attacks if India has a weak cyber security infrastructure, inform Praveen Dalal, managing partner of Perry4Law. With more and more public services now delivered though Internet, e-governance and computer systems, it is pertinent to ensure their integrity and security, suggests Dalal.

In fact, Indian government has released the draft electronic delivery of services bill 2011 that would ensure effective electronic delivery of services in India once it becomes an applicable law. However, the proposed mandatory delivery of electronic services would face many problems including cyber security problems.

If the essential public services are made electronic without ensuring robust cyber security, it would be a nightmare for India, warns Dalal. The government must ensure a strong cyber security for the infrastructure providing electronic delivery of services to Indian citizens, suggests Dalal.

National cyber security of India has to cover a long distance before we can call ourselves a reasonably cyber safe nation. India must increase cyber security readiness with adaptive threat management. Further, India must also ensure cyber due diligence compliances and cyber security audits, incidence response and threat analysis, first responder’s utilisation and other similar practices to ensure efficient cyber security practices.

Source: Techno Legal News.

Thursday, December 20, 2012

National Cyber Security Database Of India (NCSDI)

Cyber security field requires dedicated and collaborative efforts on the part of various stakeholders. Cyber Security In India also requires such collaborative efforts where public private partnership (PPP) can be really handy.

Cyber Security Issues In India are too much and too complicated to be managed by a single organisation or individual. At Perry4Law’s Techno Legal Base (PTLB) we believe that cyber security is a techno legal field that requires techno legal expertise. We also believe that we must develop both Offensive And Defensive Cyber Security Capabilities In India.

In other words, Cyber Security Skills And Capabilities Development In India must be ensured as soon as possible. PTLB E-Learning Platform has been working in this direction for long.

In order to make our cyber security efforts more robust, effective and holistic, PTLB has launched the first ever techno legal national cyber security database of India (NCSDI). Those interested in enrolling with NCSDI must read the enrolment criteria for the same.

Managing India’s Cyber Security Problems, Issues And Challenges is not an easy task. Without good collaboration and concrete steps in this direction, Cyber Security Issues And Problems In India cannot be resolved.

Keeping these cyber security mandates in mind, PTLB has been operating the exclusive techno legal Cyber Security Research Centre Of India (CSRCI) and NCSDI is an integral part of the same. We hope the Cyber Security Projects And Initiatives Of PTLB would prove useful to all concerned.

Source: Cyber Security Research Centre Of India.

National Security Database Of India

In a much needed development, Perry4Law’s Techno Legal Base (PTLB) has constituted the first ever techno legal national cyber security database of India (NCSDI). This is a significant development that can go a long way on strengthening of cyber security of India.

The NCSDI is a part and parcel of much larger and more specialised initiative of PTLB. It is part of the exclusive techno legal cyber security research centre of India (CSRCI) managed by PTLB.

The NCSDI would consist of techno legal cyber security experts of India who should be enrolled with PTLB in this regard. Those interested in enrolling with NCSDI must read the enrolment criteria for the same.


NCSDI would also be an essential part of various cyber security initiatives and projects of Indian government and private cyber security players of India and abroad.

NCSDI is a very ambitious and much needed initiative of PTLB that deserved support and collaboration of Indian government and various cyber security stakeholders. Let us see how NCSDI and CSRDI would strengthen the cyber security environment of India.

Source: Cyber Laws In India.

National Cyber Coordination Centre (NCCC) Of India

Cyber law issues, cyber security and national security are on agenda of Indian government these days. However, till now cyber security in India is not upto the mark and cyber law of India requires an urgent repeal. This is because the entire approach and attitude of India government is defective.

Indian government has failed to understand that e-surveillance is not a substitute for cyber security capabilities. Instead of developing cyber security capabilities of India, the Indian government is stressing upon growing use of e-surveillance in India and Internet censorship in India.

All these exercises of India government have been done without any legal framework supporting these initiatives of Indian government. Phones are tapped in India without a constitutionally valid phone tapping laws in India. The central monitoring system project of India (CMS Project of India) is also not supported by any legal framework. Surveillance of Internet traffic in India is also another area that requires a sound legal framework. Various authorities with far reaching powers have been created without any legal backing.

See ICTPS Blog for more.

Wednesday, December 19, 2012

E-Books In India

Electronic books publication is the latest trend world over. Although the market share of books publication is still dominated by printed books yet e-books business segment is also fast catching up.

Many e-commerce players belonging to education sector are eying India for a larger market for e-books. This cannot be effectively done till e-commerce laws and regulations in India are duly followed.

See E-Books Publication In India And E-Commerce Industry for more.

Cloud Computing Due Diligence In India

Cloud computing in India is still at the infancy stage. The primary reasons for this situation is absence of legal framework for cloud computing in India, missing privacy laws, absence of data protection laws in India, inadequate data security in India, etc. Even the basic level cloud computing regulations in India are missing.

Many legal experts in India have opined that India must not use software as a service (SaaS), cloud computing, m-governance, etc till proper legal frameworks and procedural safeguards are at place. Even the CEOs of many companies are apprehensive of using cloud computing for their companies businesses.

Even if a company or individual offers cloud computing services in India, it/he has to comply with many legal provisions and cyber due diligence requirements. The information technology act 2000 (IT Act 2000) has prescribed due diligence requirements for various business organisations and stakeholders. These due diligence requirements equally apply to cloud computing service providers in India.

These due diligence requirements are very stringent and cloud computing providers can find themselves in legal hassles if they ignore the same. Managing sensitive and personal data and information in India is no more a causal approach but it has become very stringent.

With the proposal to codify law of torts in India, more and more civil proceeding for violation of privacy rights may be initiated against the cloud computing service providers. It would be a wise option to establish best practices and cloud computing policy by all stakeholders in their own larger interests.

Source: ICTPS Blog

Cyber Law Due Diligence In India

Cyber Law Due Diligence and Cyber Security Diligence in India are two fields that are not taken seriously by Stakeholders and Intermediaries of India. Under the Information Technology Act 2000 (IT Act 2000) there are many “Due Diligence Requirements” that Banks, Internet Service Providers (ISPs), Search Engines, E-Commerce Portals, etc must fulfill. However, by and large these Due Diligence Requirements are seldom followed till some “Criminal Prosecution” takes place.

This “Mindset” needs to be changed in India. The Cyber Law of India has express provisions that provides for both Civil and Criminal Liabilities for “Non Observance of Due Diligence”. Once these provisions are attracted, the concerned Person or Institutions has to defend himself/itself in a Court of Law.

In India there is a lack of awareness about both Cyber Law of India as well Cyber Law Due Diligence Requirements in India. This is the main reason why Cyber Law Due Diligence has not been upto the requirements and expectations.

Of all stakeholders, Intermediaries must pay special attention to Cyber Law Due Diligence Requirements of India. Intermediaries like ISPs, Cyber Café owners, Web Hosting Service Providers, Blogging Platforms, etc have to take care of issues pertaining to Cyber Law, Cyber Security, Defamation Laws, Intellectual Property Rights (IPRs) Violations, etc.

A special care must be taken of the Online Copyright issues that are increasingly posing problems for Intermediaries. The liability of Internet Intermediaries for Copyright Violations is an issue that should be taken very seriously. With Laws like Digital Millennium Copyright Act (DMCA) and similar Laws, this liability has become very onerous.

“Take Down Notices” for Copyright Violations in the Cyberspace are very common these days. The moment a take Down Notice is communicated to the Intermediary, it becomes imperative on its behalf to take appropriate action. Further, the “Long Arm Jurisdiction” makes the applicability of National Law Extra Territorial. Even the Cyber Law of India has Extra Territorial Applicability.

Perry4Law and Perry4Law’s Techno Legal Base (PTLB) “Strongly Recommends” that all Stakeholders and Intermediaries must put in place Robust and Effective Due Diligence Mechanisms at their places. This would not only help them in preventing Crimes and Cyber Crimes but would also protect them from various Civil and Criminal Liabilities as well.

Source: ICTPS Blog

Intellectual Property Rights Services In India

Intellectual property rights in India (IPRs in India) need no introduction. These include areas like copyright, trademarks, patents, geographical indications, semiconductor protection, domain name protection, etc. Even IPRs services of India are world renowned. We have professionals and firms that are world renowned for providing world class IPRs services in India.

However, today’s IPR environment has become techno legal in nature. IP Professionals of India must be well versed with both technical and legal aspects of IPRs. Technological issues of IPRs in India are difficult to understand and apply. Cyber crimes are affecting IPRs like trade secrets and data protection severely. Techno legal IPR skill development in India is the need of the hour.

Similarly, legal process outsourcing in India (LPO in India) and knowledge process outsourcing in India (KPO in India) pertaining to IPRs is also required to be tuned up. LPO and KPO is no more a simple clerical work. They now require expertise that very few firms can provide.

Perry4Law and Perry4Law’s Techno Legal Base (PTLB) specialise in Techno Legal IPR Services. Further, PTLB is also managing the exclusive techno legal IPR LPO and KPO of India. PTLB is also providing exclusive techno legal ICT and IPR skill development in India.

While the IPR field is thriving upon innovation yet IPRs service providers are themselves have to be more innovative to cater the service requirements of these IP owners. PTLB manages one such resource that provides innovative IPR LPO, KPO and techno legal services to clients worldwide.

If you are interested in the techno legal intellectual property rights services in India and abroad, keep a close watch upon the IP Blog of PTLB. The Blog is covering areas like copyright, trademarks, patents, traditional knowledge, semiconductor industry, geographical indications, etc.

Further, if you are interested in great IPR LPO and KPO services in India and world wide, Perry4Law and PTLB are the number one choice. In short, Perry4Law and PTLB provide world class intellectual property rights services in India.

Source: Cyber Laws In India.

Working Group Of RBI On Information Security, Electronic Banking, Technology Risk Management And Cyber Frauds

Reserve Bank of India (RBI) has recently constituted a working group on information security, electronic banking, technology risk management and cyber frauds. The working group submitted its report in the recent past upon which public inputs were invited. After analysing the public inputs, the final draft has been recently released and notified by the RBI.

RBI has also directed that all banks would have to create a position of chief information officers (CIOs) as well as steering committees on information security at the board level at the earliest. This direction was provided through the information technology vision document for 2011-17 (IT Vision 2011-17) and the recent notification of the draft report. This document has suggested many technological as well as legal reforms for banking sector of India.

RBI has recently acknowledged the risks of e-banking in India. There are many problems from which the online banking or Internet banking in India is suffering. The most important pertains to maintaining effective cyber security for banking and financial sectors of India. Similarly, there are no effective Internet banking laws in India or online banking laws in India. In the absence of stringent laws in this regard, online banking risks in India are increasing. However, of all the shortcomings, nothing can match the absence of encryption laws and standards in India. In the absence of proper encryption norms in India, e-banking in India is really insecure.

Although, RBI has been taking many far reaching and important steps yet e-banking in India still very risky. Of late, cases of phishing and banking frauds have increased tremendously in India. Further, cyber due diligence of banks in India is still a far dream. Even the directions of RBI to appoint CIOs and steering committees on information security have not yet been implemented.

Cyber security for banking and financial institutions of India is not in proper shape. Even due diligence requirements under the cyber law of India are not properly met. This has forced RBI to upgrade ATM security in India. Further, RBI has also imposed penalty upon 19 banks for non compliance with the regulatory requirements.

Indian banks are poor at cyber security policy formulation and its implementation. Cyber Security Policy is an issue that is very important for Banks of India, says Praveen Dalal, managing partner of New Delhi base ICT law firm Perry4Law and leading cyber law expert of India. With the growing use of Internet Banking, ATM machines, Credit and Debit Cards, Online Banking, etc, Banks of India must also upgrade their Cyber Security Infrastructure and establish a Cyber Security Policy, suggests Dalal.

RBI must rigorously implement the directions and suggestions made in the report of working group. Without stringent actions, the report would never be actually and practically implemented by Indian banks.

Source: Cjnews India.

RBI Working Group On Information Security, Electronic Banking, Technology Risk Management and Cyber Frauds

RBI has recently directed that all banks would have to create a position of Chief Information Officers (CIOs) as well as Steering Committees on Information Security at the board level at the earliest. This direction was provided through the Information Technology Vision Document for 2011-17 (IT Vision 2011-17) and the recent notification of the draft report. This document has suggested many technological as well as legal reforms for banking sector of India.

Although the direction to have CIOs and Steering Committee is very clear yet till now banks in India has failed to comply with this direction. Perry4Law and Perry4Law’s Techno Legal Base (PTLB) have been analysing these issues for long and they have been providing their suggestions in this regard. We believe that RBI must play a more pro active role in analysing whether its Policies and Recommendations are duly complied with. It seems the Recommendations of the Working Group constituted by RBI have still not been implemented. A “Progress Report” must be sought from Banks of India in this regard by RBI as soon as possible.

See ICTPS Blog for more.

Dispute Resolution In Indian Cyberspace

Dispute resolution in Indian cyberspace is still a distant dream. Crucial components of dispute resolution in Indian cyberspace like online dispute resolution (ODR) in India and e-courts in India are still missing. Till December 2012 we are still waiting for the establishment of first e-court of India and ODR in India is still a distant dream.


See Techno Legal News for more.

Legal Compliances For Starting An E-Commerce Website In India

The most frequently asked question in the legal field these days pertains to the legal compliance requirements for starting an e-commerce website in India. The potential e-commerce entrepreneurs must not forget the broad category of e-commerce laws and regulations of India.

The legal formalities required for starting e-commerce business in India are now well established. Perry4Law, the exclusive techno legal ICT law firm of India and the premier e-commerce law firm of India, has already provided the legal framework in this regard. Now all national and international e-commerce players can know about e-commerce laws and regulations of India.

This article covers most of the possible techno legal issues that both national and international e-commerce players of India may face.

See Techno Legal News for more.

Tuesday, December 18, 2012

Report Of The RBI Working Group On Securing Card Present Transaction

The Reserve Bank of India (RBI) is taking cyber security of banking industry very seriously. RBI has been stressing that banks in India are required to ensure cyber due diligence and cyber security due diligence. However, the banks in India have still not done the needful in this regard even though the first quarterly report in this regard is due on 30th June, 2011.

Perry4Law and Perry4Law Techno Legal Base (PTLB) welcome this initiative of RBI and congratulate the working group for coming out with good guidelines.

See ICTPS Blog for more.

Cyber Security For Power Energy And Utilities In India

Cyber security challenges for smart grids and utilities in India are not unknown these days. Recently, India's power minister Veerappa Moily constituted a three-member panel to investigate massive power failures in the country a few days before.

Keeping in mind the cyber attack angle, he also added four additional members, including a cyber-security expert in this panel making it a seven member’s panel. It is obvious that India is excluding any possible cyber intrusions and cyber attack upon the power grids that may have resulted in blackout.

Power grids and utilities cyber security in India and their challenges are not easy to manage. They require a systematic, dedicated and security oriented approach on the part of Indian government. In fact, smart meters are becoming headache for power companies world wide.

Cyber security in India is still in its infancy stage. Naturally, the critical infrastructure protection in India is still not upto the mark. In fact, we have no critical ICT infrastructure protection policy of India  as well.

Meanwhile, sophisticated and specially customised malware like Stuxnet and Duqu have already proved that critical infrastructures around the world like power grids, nuclear facilities, satellites, defense networks, governmental informatics infrastructures, etc are vulnerable to diverse range of cyber attacks.
Perry4Law’s Techno Legal Base (PTLB) strongly recommends that Indian government must ensure cyber security of energy and utilities in India as soon as possible. SCADA may be the new cyber attack priority for cyber criminals and rouge nations. We must ensure sufficient cyber protection of SCADA systems in India in general and critical infrastructure in particular.

Source: ICTPS Blog.

India Is Facing Serious Cyber Threats

India has been facing serious cyber threats these days. These include threats from cyber espionage, cyber terrorism, cyber warfare, etc. Even social networking sites and cloud computing applications have come under cyber attacks.

Although cyber crimes and cyber threats have increased significantly in India yet cyber crimes prevention and network security in India are still far from perfect. India’s preparedness to tackle growing cyber crimes and cyber attacks is not proper and we do not have any cyber law policy in India.

In fact, cyber attacks and cyber terrorism preparedness of India is missing at all. Cyber terrorism is a concept that is closely related to national security and cyber security of any nation. While the definition and nature of cyber terrorism is still debatable yet none can doubt about the use of information and communication technology (ICT) for attacking crucial computer systems of others, says Praveen Dalal, managing partner of Perry4Law and CEO of Perry4Law’s Techno Legal Base (PTLB).

Realising the importance of cyber security and a defense against cyber terrorism, countries all over the world are streamlining their defense networks. Some have merged their traditional armed forces defenses with technology driven security while others have established a separate and dedicated cyber security segment for themselves. India also needs good techno-legal cyber security for its defense forces.

India must urgently formulate good cyber security policy and effective crisis management plan for cyber attacks and cyber terrorism. The issue must be taken at the national level and a national policy is needed in this regard, says Dalal.

We have launched a centre for protection of human rights in cyberspace that is covering the issues pertaining to protection of critical ICT infrastructure in India, prevention of cyber terrorism in India, cyber espionage in India, defense against cyber war in India, etc. The centre would also provide suggestions and methods to prevent e-surveillance by governmental as well as non-governmental persons and organisations, informs Dalal.

Time has come when India must seriously take issues like cyber security, cyber terrorism, cyber war and other rallied issues. We need both policy level as well as legislative measures to make Indian cyberspace robust and secure. On the legislative side, we must enact strong cyber laws and on the policy side we must enact suitable cyber security policy of India and cyber crimes policy of India.

Till now India lacks initiatives on both these fronts. The present cyber law of India has decayed and it needs must urgently be repealed. The information technology act 2000 is not serving much purposes these days and it must be replaced by a more effective and strong cyber law. Let us hope that Parliament of India would do the needful in the forthcoming session.

Source: Cjnews India.

Mobile Banking Cyber Security Is Required In India

Mobile banking in India is moving towards an acceptance level. However, till now very few people and institutions are comfortable in using mobile banking in India. Mobile banking in India is still not popular according to RBI. There are certain shortcomings of mobile banking in India that are still left unaddressed.

For instance, mobile governance in India is still not well established. M-governance in India is essential before mobile banking can be successfully implemented in India. We have no regulatory framework for m-governance in India. Even the proposed electronic delivery of services bill 2011 of India has failed to provide a mandatory legal framework for electronic delivery of services in India, including for mobile banking. In short, India is still not ready for m-governance and cloud computing especially in the absence of dedicated e-commerce laws in India.

Mobile banking in India is risky due to absence of mobile cyber security in India. Further, online banking system of India is not secure. In the absence of adequate cyber security safeguards, e-banking in India is not safe. The cyber security trends in India 2011 have also proved that Internet banking cyber security in India is in poor shape and it needs to be strengthened. Even data security, privacy and cyber security in Indian banking industry is not satisfactory.

Online banking risks in India are increasing and this is also shaking the confidence of customers in the same. Even RBI has acknowledged risks of e-banking in India. ATM frauds in India are increasing. In fact, Reserve Bank of India (RBI) has recently released the report of its working group on securing card present transaction that covers ATM security and credit card security issues as well. Internet banking risks in India cannot be effectively tackled till we have dedicated Internet banking laws in India.

Although an integrated banking law of India has been proposed yet it may take some years before it is actually enacted. In an interesting development, the RBI removed limits from mobile banking transactions limits in India. This is good for the development of mobile banking in India but is bad for the interests of mobile banking customers who have almost no safeguards against cyber crimes and technology assisted financial frauds happening in the mobile banking field.

The cyber law in India has prescribed cyber law due diligence for various stakeholders. Cyber due diligence for banks in India is just a part of the same. Cyber due diligence for Indian companies including banks operating in India is very stringent. However, Indian banks are not following the guidelines of RBI prescribing mandatory cyber security requirements for banks of India. Further, banks are also liable

Even on the policy front, mobile banking has received a bad response form Indian government. For instance, absence of effective encryption laws in India and non use of robust encryption in India has made the mobile security very weak in India. Instead of making the encryption requirements redundant and weak, India must concentrate upon further strengthening the same for better and secure mobile communications. Governments of most developed countries allow the usage of strong encryption standards ranging from 128 bits to 256 bits or more to ensure the security of sensitive information exchanged via Internet and other networks. However, India is still clinging to 40 bits encryption standards for the simple reason that intelligence and security agencies of India are not capable enough to break strong encryptions.

A weak mobile banking infrastructure would also affect other projects and schemes as well. For instance, recently the Securities and Exchange Board of India (SEBI) has declared about its intentions to introduce electronic initial public offer (E-IPO) in India. This is a good step but E-IPO cannot succeed in the absence of strong mobile banking and Internet banking infrastructure. Online payments mechanisms in India must also be suitable strengthened to make such proposals workable.

India must give these considerations some serious thoughts if it wishes to encash the benefits of technology. Otherwise, concepts like Internet banking and mobile banking are more nuisance than luxury in India.

Source: ICTPS Blog.

Pharmaceuticals E-Commerce Legal Issues In India

E-commerce has become one of the premier choices of retail industry in India. Further, traditional business houses are also exploring the possible use of e-commerce to expand their brick and mortar business.

A common mistake that most of e-commerce service providers in India are making is avoidance of requisite legal formalities in this regard. Legal formalities required for starting e-commerce business in India cannot be ignored as their breach may attract both civil and criminal actions.

Thus, legal requirements to start an e-commerce website in India must be duly meet before jumping upon the e-commerce platform. This is more so regarding companies entering into pharmaceuticals e-commerce in India. Presently, online sale and purchase of prescribed drugs and medicines in India is a risky venture that must be undertaken only after fully complying with the legal formalities prescribed in this regard.

According to Praveen Dalal, managing partner of India’s exclusive techno legal ICT law firm Perry4Law, while we have basic level e-commerce legal framework in India yet e-health related legal framework is missing. For instance, e-health in India is facing legal roadblocks. Till now we do not have any dedicated e-health laws and regulations in India. The legal enablement of e-health in India is urgently required, suggests Praveen Dalal.

According to Praveen Dalal, legal issues of e-commerce in India vary as per different business models. For instance, electronic trading of medical drugs in India requires more stringent e-commerce and legal compliances as compared to other e-commerce activities. Digital communication channels for drugs and healthcare products in India are scrutinised more aggressively than other e-commerce activities. In fact, regulatory and legislative measures to check online pharmacies trading in banned drugs in India are already in pipeline, informs Praveen Dalal.

In a parallel development, the FIPB postponed pharmaceuticals sector FDI proposals in India. Further, India is also planning to reduce prices of expensive patented drugs to make medicines affordable to its predominantly poor population. The expiring medicines patents could boost pharmaceutical e-commerce in India as well.

The scope for pharmaceuticals e-commerce in India is bright provided e-commerce stakeholders duly take care of the applicable legal provisions in this regard.

Source: Techno Legal News.

Data Security, Cyber Security And Privacy In Indian Banking Industry

Banking industry of India is passing through a transformation age. From technological upgradations to enacting new regulatory norms, banking sector of India is all set for a big change. However, this change is also very demanding and challenging in terms of legal obligations and technological knowledge. Banks in India are finding it difficult to cope with both.

For instance, banks in India are required to not only ensure cyber due diligence in India but also cyber security due diligence in India. Reserve Bank of India (RBI) has very categorically told Indian banks to ensure effective cyber security in their day to day affairs and banking transactions. However, banks in India are not complying with RBI’s cyber security due diligence requirements due to lack of awareness and technical expertise.

Further, on the compliances front as well, banks in India are not doing the needful. For instance, as per RBI’s recommendations, all banks should create a position of chief information officers (CIOs) as well as steering committees on information security at the board level at the earliest. Till now banks in India have not fulfilled these requirements.

Similarly on the front of cyber security Indian banks have not performed well. Cyber security for banking and financial sectors of India is not up to the mark. Internet banking risks in India are in abundance and we have no cyber security of Internet banking in India. Even cyber due diligence for banks in India is not taken seriously by Indian banks. Cyber security of online banking systems in India is by and large below average and many cases of banking financial frauds and cyber crimes have been reported in India.

Even the mobile banking in India is risky as the present banking and other technology related legal frameworks are not conducive for mobile banking in India. We have no dedicated Internet banking laws in India or mobile banking laws in India. Mobile banking transactions in India are risky and untrusting in the absence of mobile cyber security in India. We are still not ready for mobile governance in India as m-governance in India is not going to be successful in the absence of a sound mobile governance policy of India.

Data security and privacy in Indian banking industry is another area that requires special attention of Indian banks. Banks in India must ensure privacy protection and data protection of its customers.

The corporate and banking laws in India are in the process of being streamlined. An Integrated modern banking law in India is also in pipeline. RBI has also prescribed an enhanced due diligence measures by banks of India for higher risks customers. Overall, the emphasis is upon ensuring data security, cyber security and privacy protection by banks operating in India.

Source: Techno Legal News.

Cyber Security For Banking And Financial Sectors Of India

Cyber security is an issue that is very important for India. With the growing use of Internet banking, ATM machines, credit and debit cards, online banking, etc, banks of India must also upgrade their cyber security infrastructure.

Reserve Bank of India (RBI) has taken some very pro active steps in this regard. RBI has made it mandatory to appoint chief information officers (CIOs) and steering committees on information security at the board level at the earliest. The intentions are good and so must be their implementations.

Cyber security cannot be used by banking and financial sectors of India till it is systematically used by them. For that a dedicated cell or wing must be established that can take care of issues pertaining to cyber law, cyber security, cyber forensics, cyber due diligence, etc.

Although there are numerous such due diligence requirements yet banks and financial institutions must consider the cyber security aspects on a priority basis. Indian banks and financial institutions are increasingly facing cyber crimes pertaining to banking industry. Further ATM frauds, credit card cloning, phishing attacks against banks and financial institutions, etc are also on rise.

Further data security and privacy issues are other areas of concern for banks and financial institutions of India. They must consider data security and privacy issues of their customers very seriously otherwise they would be violating the due diligence requirements under various law, especially the cyber law of India. Data security and privacy in Indian banking industry requires immediate attention of RBI.

RBI is already working hard in these directions and its is a matter of time before banks and financial institutions of India would be mandatorily required to ensure strong cyber security, effective data protection and stringent privacy protection of their customers.

Source: Techno Legal News.

Why Indian Critical Infrastructure Are Vulnerable To Cyber Attacks?

In the present interconnected world, cyber security capabilities of India must be urgently developed. In fact, Indian critical infrastructure and cyber security challenges and issues have assumed so much significance that Indian government declared the establishment of National Critical Information Protection Centre (NCIPC) of India.

The best way to ensure critical infrastructure protection in India is to make it a part of national cyber security policy of India. Various cyber security issues of India must also be part of such cyber security policy of India. Further, besides energy, defense, transportation and telecommunication, the financial sector which includes banks and stock exchanges must be suitably protected in India. Unfortunately, till now cyber security challenges of India remain unredressed.

Computer Forensics Law Firms In India

Cyber crimes in India are at rise and Indian government has also realised this fact. Solving of cyber crimes requires good cyber crime investigation capabilities in India. Cyber crimes investigation in India is still catching up with the advanced cyber crimes. As on date cyber criminals are well ahead of the law enforcement agencies world over.

The cyber crimes trends in India 2012 projected by Perry4Law and Perry4Law’s Techno Legal Base (PTLB) have shown increased incidences of cyber crimes in India. The Cyber and Hi-Tech Crimes Investigation and Training Centre (CHCIT) of India has been investigating complicated cyber crimes happening in India. Cyber crimes against Indian women and their techno legal solutions are also been managed by PTLB and CHCIT.

Even there are very few cyber law firms in India that can provide litigation and consultancy support for cyber law cases. The cyber forensics services in India are also managed by few players.


National Digital Preservation Policy Of India

Digital Preservation (DP) in India is a very recent concept that has not even been conceptualised properly. There is neither a legal framework in this regard nor national policies and strategies in India.

Although a National Digital Preservation Programme (NDPP) of India has been launched but it is at a very nascent stage. DP is becoming an important requirement all over the World and India cannot ignore the importance of the same.

The DP initiatives are facing many road blocks that are preventing them from materialising in India. For instance, Intellectual Property Rights (IPRs) are occasionally found on the crossroads of DP initiatives. The IPRs Issues in the digital era are also closely related to the requirements of DP in India.

With the rapid advancement of technology day by day, old applications and methods are becoming obsolete. We need to upgrade them from time to time. We also need to change form of various IPRs protected works from one form to another. This sometimes results in copyright, trademark, patents, etc violations.

In short, IPRs issues in the digital era and cyber space are difficult to manage and we need both good policies and laws to manage the same effectively.

According to Digital Preservation Expert and managing partner of ICT law firm Perry4Law Mr. Praveen Dalal "DP issues are also going to be more complicated with the enactment of laws like Digital Millennium Copyright Act, 1998 (DMCA). Efforts are in the pipeline for adoption of an efficient Digital Rights Management (DRM) system in India. This seems to be a step in the direction of protecting fast-growing Indian digital entertainment and media industry.

This may not be fruitful if we fail to appreciate the ground realities existing in India. India needs a Techno-Legal Law that is in conformity with Indian Standards and Norms”. The first and foremost requirement for DP in India is to formulate a good and effective techno-legal digital preservation policy of India.

The task is really difficult unless good experts are involved in this much needed project. With the basic policy framework we can further proceed towards techno-legal framework as well.

Source: Techno Legal News.

Indian National Digital Preservation Policy

This is the updated version of my previous article titled national digital preservation policy of India. Digital contents issues in India have not received the attention of Indian government for long. The fields of digital contents creation and management as well as digital preservation in India have effectively remained untouched.

The DP initiatives are facing many road blocks that are preventing them from materialising in India. For instance, Intellectual Property Rights (IPRs) are occasionally found on the crossroads of DP initiatives. The IPRs Issues in the digital era are also closely related to the requirements of DP in India.

There is no Regulatory Framework for Digital Preservation in India and it is managed by Administrative Side of Indian government, informs Praveen Dalal, managing partner of New Delhi based IP and ICT Law Firm Perry4Law and leading techno legal expert of India. Even the Information Technology Act, 2000 (IT Act, 2000) is not sufficient to accommodate the issues of Digital Preservation, Digital Curation, etc and we need a dedicated Digital Preservation Legal Framework in India, suggests Dalal.

See Cjnews India for more.

RBI Acknowledges Risks Of E-Banking In India

Reserve Bank of India (RBI) has been playing a pro active role for securing Internet banking and online banking transactions. Recently, RBI showed its intention to boost ATM security in India. In the past, concerns have been raised from time to time for preventing online banking frauds in India by RBI.

There are many problems from which the online banking or Internet banking in India is suffering. The most important pertains to maintaining effective cyber security for banking and financial sectors of India. Similarly, there are no effective Internet banking laws in India or online banking laws in India. In the absence of stringent laws in this regard, online banking risks in India are increasing. However, of all the shortcomings, nothing can match the absence of encryption laws and standards in India. In the absence of proper encryption norms in India, e-banking in India is really insecure.

See Cjnews India for more.

Critical Infrastructure Protection (CIP) And Homeland Security (HS) In India

Critical national infrastructure security in India needs to be strengthened. Highly sophisticated malware like Duqu, Stuxnet, etc targeted India in the year 2011 and India is still investigating the Duqu malware. Indian nuclear facilities, automated power grids, satellites, defense networks, governmental informatics infrastructures, etc are vulnerable to sophisticated cyber attacks. It is still not clear whether Indian satellites are safe from cyber attacks.

Supervisory control and data acquisition (SCADA) is another area of concern. Cyber protection of SCADA systems in India must also be ensured. Similarly, Indian defense and security against cyber warfare needs to be developed so that cyber attacks against India can be thwarted. A good cyber security policy in India must be formulated that must include a critical ICT infrastructure protection policy of India as well. Similarly, effective legal and policy framework for cyber security must also be created in India.

See PTLB Blog for more.