Friday 30 November 2012

Unconstitutional And Illegal Biometrics Collection Laws And Practices In India

India is passing through one of the “Most Dangerous Periods” for Civil Liberties and Human Rights Protections. No time in the past Indian Citizens were so “Vulnerable” to Human Rights Violations and blatant violation of their Fundamental Rights.

The Constitution of India has conferred many Fundamental Rights upon Indian Citizens and Persons. However, Indian Government is acting in clear “Derogation” of these Fundamental Rights and Human Rights.

Article 21 of Indian Constitution confers Privacy Rights in India to all. Similarly, Article 21 also confers Right to Life and Liberty to all that cannot be taken away except by “Due Process of Law”. Articles 14, 19 and 21 collectively protect against “Arbitrary and Unconstitutional State Actions”.

Despite all these “Protections and Rights” we have Authorities like Unique Identification Authority of India (UIDAI) that is not governed by any Law whatsoever. Similarly, we have provisions pertaining to National Population Register (NPR) of India that are clearly “Unconstitutional”.

We have no dedicated Data Protection Laws in India, Data Security Laws in India, Cyber Security Laws in India, etc. Even the Cyber Law of India, incorporated in the Information Technology Act, 2000 (IT Act 2000), is an “Endemic E-Surveillance Enabling Law” that requires urgent “Repeal”.
Cyber Security in India is also in bad shape and even the Supreme Court of India has chided Indian Government to boost up its Cyber Security to protect National Security of India. National Security and Right to Information in India are on “Crossroads” where the “National Security Card” is very frequently played by Indian Government to deny “Legitimate and Eligible Information” to Indian Citizens.

In all this “Political and Legislative Mess” we have a “Bonus” for Indian Government as well. The Parliamentary Oversight of Intelligence Agencies of India is missing and they are “Not Accountable” to any “Legislative and Parliamentary Scrutiny”.  Intelligence related Projects like National Intelligence Grid (NATGRID), Central Monitoring System (CMS) of India, proposed National Counter Terrorism Centre (NCTC) of India, etc have no Parliamentary Approval and Oversight.  

There is no second opinion that collection of “Highly Sensitive Biometric Details” by any Governmental Agency or Authority in such circumstances is not only “Unconstitutional” but is also “Highly Risky” for Life and Liberty of Indian Citizens/Persons. In fact, collection of Biometric Details by UIDAI and NPR are clearly “Unconstitutional and Illegal” and Indian Citizens and Residents can “Refuse” to provide the same no matter what these Authorities and Laws say.

Human Rights Protection in India is at its nadir. Similarly, Civil Liberties Protection in Indian Cyberspace is in doldrums. If we keep on succumbing to the “Pressure Tactics” of Indian Government, the day would be not far when Indian Government would have complete control over our “Body and Soul”.

Wednesday 28 November 2012

Techno-Legal E-Courts Training Centre Launched By Perry4Law

India is at the initial stages of establishment of electronic courts (e-courts). Though India has done a good job by computerising the courts at various levels yet it is still far from the establishment of even the first e-court of India. It seems the e-courts project of India needs a techno-legal training boost.

Perry4Law and PTLB have launched the first ever e-courts training and consultancy centre of India and perhaps first of its kind in the World.

Efforts in the direction of establishment of e-courts in India have been in process since 2003 and significant development in the sphere of computerisation has already been achieved. It is at this stage that there seems to be stagnation of e-court project of India and this initiative by Perry4Law would facilitate in the smooth and hassle free migration of e-court project to the next level.

India must understand that E-courts are much more that mere connectivity and computerisation of traditional courts. The moment e-filing, presentation, contest and adjudication of the cases in an online environment would start, India would surely be capable of establishing e-courts.

Techno Legal Cyber Security Training Institution In India

I want to do certification in cyber security. Please tell me about the perfect Institution in India in this regard, asks Mayank Dixit from Mr. Praveen Dalal, Managing Partner of Perry4Law and CEO of Perry4Law’s Techno Legal Base (PTLB). We have been receiving tons of career and guidance request from cyber law, cyber security and cyber forensics enthusiastics and learners. Through this post we are providing some basic details about our techno-legal initiatives in this crucial direction.

If a person wishes to be a good cyber security professional he must know the practical aspects of cyber security. Most of the institutions all over the world are primarily providing just academic degrees and courses and almost no practical knowledge. Further, cyber security these days is both technical as well as legal. So a professional must get a techno-legal cyber security training rather than mere academic degree or diplomas.

Some good choices for getting good techno-legal cyber security training in India are:

(a) Techno-Legal Lifelong Learning Institution Of India (Exclusive In India)

(b) Perry4Law Techno Legal Base (PTLB) Training Centre (Exclusive In India)

(c) Cyber Security Training, Research and Educational Centre Of Perry4Law (Exclusive In India)

(d) Perry4Law Techno Legal ICT Training Centre (PTLITC) (Exclusive In India) (Will be operational very soon)]

(e) Online Cyber Law And Cyber Security Training Centre of PTLB (Exclusive In India)], etc.

Enroll yourself with these Institutions or Centres to have great techno-legal Skills and Expertise. Read the FAQs, Terms and Conditions, etc carefully before sending us your queries. Due to tons of queries we receive daily we cannot respond to each and every query personally.

Cyber Law And Ethical Hacking Courses In India

If you are looking forward for an ethical hacking course and training in India, you have to make it sure that it covers techno legal aspects of ethical hacking. For instance, you may be well aware how ethical hacking is done but you may not be aware that such an act may violate the law of any country. Thus, ethical hacking courses must teach both technical and legal aspects.

Legal e-learning in India
and ethical hacking training in India would grow in the future. But as we have discussed earlier, neither legal nor technical aspects are themselves sufficient to give you results that you are looking for. Ethical hacking trainings in India have been given a new meaning with the advent of online ethical hacking courses in India. Further, online cyber law education in India, online cyber forensics courses in India, etc are also increasing. Perry4Law’s Techno Legal Base (PTLB) is the exclusive techno legal courses, education and training provider in India. Techno legal e-learning in India by PTLB have acquired distinctiveness and international name and fame.

We provide domain specific and highly specilaised courses, trainings and educations in the fields like cyber law, cyber security, cyber forensics, ethical hacking, anti cyber warfare, anti cyber terrorism, anti cyber espionage, etc.

Further, our courses, trainings and educations are customised as per the requirements of different stakeholders. Thus, they are beneficial for law students, lawyers, judges, government officers, parliamentarians, police officers, corporate executives, educational faculties, international organisations, etc.

If you are interested in availing the trainings and courses of PTLB, you must enroll with PTLB in this regard. To enroll for any of these courses and trainings, fill in the “
Application Form” and send the same to us at the address mentioned therein along with “Prescribe Fees”. See FAQs before applying and remitting fees to get an insight of courses and trainings scope, nature, duration, fees, etc. If you are looking forward for an ethical hacking course and training in India, you have to make it sure that it covers techno legal aspects of ethical hacking. For instance, you may be well aware how ethical hacking is done but you may not be aware that such an act may violate the law of any country. Thus, ethical hacking courses must teach both technical and legal aspects.

Techno Legal Thoughts

I have started a new blog titled Techno Legal Thoughts that would discuss issues like cyber law, cyber forensics, cyber security, trainings and education, cyber threats and cyber attacks, etc.

The purpose of this blog is to share short and contemporary techno legal issues from around the globe. I am also expecting that my colleagues from other platforms would also join me in this endeavour.

Kindly visit Techno Legal Thoughts for more details.

Wednesday 21 November 2012

Google Is Openly Violating DMCA Compliance

The posts titled Google is playing stupid and is winning too and “Is Google Playing Stupid Or Is It Actually Stupid?” have proved how Google is deliberately deleting and manipulating the original and copyrighted articles instead of the infringing material.

See the exclusive resource titled Websites, Blogs And News Censorship By Google And India for complete details of censorship activities of Google and Indian government.

Tuesday 20 November 2012

E-Courts Consultancy And Training Centre Of India

Establishment and operation of E-Courts require Techno Legal expertise. At Perry4Law, PTLB and PTLITC we take care of the Techno Legal challenges of E-Courts establishment in India and globally.

See E-Courts Consultancy And Training Centre Of India for more.

E-Courts In India

Implementation of Information and Communication Technology (ICT) in Indian Judiciary and in Indian Courts needs rejuvenation. The successful use of e-governance for Indian e-judiciary model requires a techno-legal e-court framework. We need ICT Training and e-courts training for Indian Judicial System as soon as possible. Further, electronic courts in India must also be supported by active use of online dispute resolution (ODR) in India to reduce backlog of cases. Legal enablement of ICT systems in India is need of the hour.

Source: Legal Enablement Of ICT Systems In India for more.

Cyberspace Crisis Management Plan Of India

India has formulated a Crisis Management Plan for its Cyberspace. However, like other Policies and Strategies in India, it has not been implemented in true letter and spirit. Even the basic level Cyber Security Preparedness in India is not up to the mark.

As far as other components of Cyber Crisis Management Plan of India are concerned, even they do not exist in India. We have no Cyber Forensics Laws in India, no Cyber Terrorism Policy in India, no Cyber Warfare Policy in India, no Critical ICT Infrastructure Protection Policy in India and no Human Rights Protection in Cyberspace in India.

Source: ICTPS Blog

National Counter Terrorism Centre (NCTC) Of India

This is the research analysis of Perry4Law and Perry4Law’s Techno Legal Base (PTLB) regarding the legality, constitutionality, requirements, etc of establishment of national counter terrorism centre of India. Perry4Law and PTLB have outlined all the legal constitutional and administrative issues at a single place so that parliament of India, home ministry and Indian government can consider the same. Perry4Law and PTLB hope that this analysis would be useful for all concerned.

Source: ICTPS Blog

Sunday 18 November 2012

Law Firms For Intellectual Property (IP) In India

Intellectual property (IP) is a form of reward for the hard work and innovative methods developed by the property holder. Since IP provides a form of exclusivity, it is very important to protect the same form its misuses.

Intellectual property rights in India encompass diverse aspects of intellectual property. These comprise trademark, copyright, patents, geographical indications, semiconductor protection and other such class.

With the expansion of intellectual property in India, the demand for intellectual property rights services in India has also augmented a lot. There are several high-quality IPRs law firms in India that are catering the requirements of different IPRs holders.

However, Perry4Law is the exclusive techno legal ICT law firm of India that is providing many techno legal services in India of unique nature. These include corporate, technology and IPRs service as well.

With the adoption of Madrid agreement and Madrid protocol by India, trademarks protection in India would be given a new meaning. International registration of trademarks under Madrid agreement and Madrid protocol would also increase in future. Similarly, patents registration in India is another IPR field that is very popular in India.

IP rights are difficult to invent and acquire. Thus, their protection and management must also be taken very seriously. All possible legal recourses must be undertaken to safeguard IP rights in India so that they may not be misused.

Source: Cyber Laws In India

Wednesday 14 November 2012

Cyber Crimes Against Women In India and The Laws

Cyber crimes against Indian women are at rise. However, in the absence of adequate cyber law and cyber forensics capabilities, these cyber crimes cases are not always solved.

The cyber crime victims in India, especially women, can be greatly benefited by the techno legal expertise of Perry4Law and PTLB. These cyber crime victims must not feel shy while reporting various cyber crimes committed against them as cyber criminals must be adequately prosecuted.

Computer Forensics Research And Development Centre Of India (CFRDCI)

Computer forensics requires application of both technical and legal mind to a situation. If either of them is missing, the entire purpose of cyber forensics exercise would be frustrated. Cyber forensics also requires a greater degree of care and expertise as compared to electronic discovery whose purposes may be limited in nature.

See Cyber Forensics Research And Development Centre Of India (CFRDCI) for more.

E-Judiciary In India

There is no second opinion that establishment of electronic courts in India is need of the hour. Technology can bring diverse advantages to the ailing judicial system of India. However, establishment of e-courts in India require techno legal expertise that is presently missing in India.

For instance, the exclusive techno legal e-courts consultancy and training centre of India is managed by Perry4Law and PTLB. Unfortunately, so far neither Perry4Law nor PTLB is extending their domain specific and techno legal expertise to Indian e-court project.

See E-Courts In India for more.

Online Dispute Resolution In India

Legal Issues Of E- Banking In India

Internet banking risks in India are high and even RBI acknowledged risks of e-banking in India.  Despite this position, banks in India are ignoring the cyber security due diligence requirements prescribed by RBI. The online banking risks in India have increased tremendously due to this position.

See Legal Issues Of Internet Banking In India for more.

E-Banking Frauds In India

Cyber security of banks in India is also not upto the mark. The mobile banking cyber security in India is also missing. The preventive measures for ATM frauds in India are also missing. The truth is that Indian banks are poor at cyber security. The online banking risks in India are increasing due to this indifference towards cyber security.

See Internet Banking Frauds In India for more.

Cyber Security Service Providers In India

Businesses around the world are looking towards cyber security service providers to secure their business IT infrastructures. Cyber security service providers in India are also in the process of streamlining their services. Clearly, cyber security services in India would be in much demand in future especially those pertaining to techno legal issues.

Cyber security in India is a cause of concern for all the stakeholders. India has to strengthen its cyber security capabilities for which private players are playing a crucial role. There are very few cyber law firms in India and cyber security law firms in India.

Further, there are very few techno legal cyber security service providers in India that are providing cyber security services in India. The cyber security firms and companies in India are trying their level best to adopt the international best practices for effective cyber security. However, cyber security firms, companies and consultants in India must be pro active rather than reactive.

Cyber security issues in India are so diverse and complicated that we need dedicated efforts on the part of Indian government. Private techno legal cyber security service providers in India like Perry4Law’s Techno Legal Base (PTLB) have been playing a decisive role in this regard that can be really crucial for Indian cyber security initiatives.

In the present cyber security environment, the techno legal cyber security services of PTLB have become an absolute requirement where both technical and legal aspects of cyber security are taken care of at a single place.

Tuesday 13 November 2012

Cyber Security Challenges And Issues Of Critical Infrastructures Of India

The reliance of consumers and businesses on the cyberspace and interconnected networks would continue to increase. Critical industries like electric, water, oil and natural gas, transportation, automotive, and aerospace are increasingly dependent upon Industrial Control Systems like Supervisory Control And Data Acquisition (SCADA).

In fact, SCADA has become the new cyber attacks battlefield against India. An attack upon SCADA is essentially an attack upon the critical infrastructure of a nation. The SCADA systems may involve a human machine interface (HMI), a supervisory system managing the processes, remote terminal units (RTUs) interacting with the supervisory systems, programmable logic controller (PLCs) usable as field devices, etc.

Initially, running on proprietary control these have evolved with the availability of low-cost Internet Protocol (IP) devices, thus increasing the possibility of cyber security vulnerabilities and incidents. Therefore, critical infrastructure protection in India must be an integral part of National Cyber Security Policy Of India.

The policy must address Critical Infrastructure Protection Requirements Of India. Further, besides energy, defense, transportation and telecommunication, the financial sector which includes banks and stock exchanges must be suitably protected in India.

Cyber Security Of Banks In India is still not effective. Further, Cyber Security Due Diligence For Banks In India is still missing despite some stern guidelines by Reserve Bank of India (RBI). Indian Banks Are Not Complying With Rbi’s Cyber Due Diligence Requirements.  Even the RBI Warned Indian Banks For Inadequate Cyber Security in the past.

This is a serious issue as more than 80% of banking transactions today takes place online. Similarly, the majority of the investor trade through online systems thus making the financial sector one of the most critical sectors.

Mobile Banking Cyber Security In India is still missing. In these circumstances, Mobile Banking In India has become really risky as it puts the customers at grave risks. Mobile Banking Cyber Security Is Required In India on a priority basis before any mobile banking scheme is launched in India. Although Internet Banking Guidelines In India by RBI have been issued yet no such guidelines have been issued by RBI regarding mobile banking so far.

These Cyber Security Issues In India must be resolved as soon as possible as the Cyber Security Challenges Of India Remains Unredressed till date.

 Source: PTLB Blog

Monday 12 November 2012

Indian National Critical Information Infrastructure Protection Centre (NCIPC)

In the recent times, there is an increasing stress upon cyber security at the international level. This is so because cyber attacks are happening at the international level and all the countries are facing this threat.

Countries are trying to coordinate cyber security initiatives at national and international levels. However, cyber security in India is still not up to the mark. India is increasingly facing cyber attacks and cyber threats from foreign nationals.

The cyber laws and cyber security trends of India 2011 by Perry4Law and Perry4Law Techno Legal Base (PTLB) has clearly showed the cyber security vulnerabilities of India. The cyber law trends of India 2012 have also projected an increased rate of cyber crimes in India and cyber attacks against India in the year 2012.

For instance, cyber terrorism against India, cyber warfare against India, cyber espionage against India and cyber attacks against India have increased a lot. Presently, we do not have a strong cyber law to deter cyber attacks and cyber crimes. Further, we have no cyber security laws in India as well.

Cyber security is also crucial to protect critical infrastructure protection of India. Critical infrastructure protection in India requires a well formulated policy. Presently we have no critical infrastructure protection policy of India. Even critical ICT infrastructure protection in India is required.

A national critical information infrastructure protection centre (NCIPC) of India has been proposed. It intends to ensure critical infrastructure protection and critical ICT infrastructure protection in India.

There are few prerequisites that can make the NCIPC of India successful. Firstly, there must be a centralised ICT command centre of India that can coordinate various cyber security issues. Secondly, specialised agencies and authorities must be constituted for critical infrastructure areas like power, telecom, defense, etc. These agencies and authorities must coordinate with the centralised command centre for cyber security related issues.

Ministry of communication and information technology (MCIT) has already taken certain initiatives in this regard. For instance, a central monitoring system (CMS) project of India has been launched by MCIT to monitor and intercept electronic communications, messages and information. Further, a national telecom network security coordination board (NTNSCB) of India has also been proposed to strengthen the national telecom security of India.

However, there is a big problem in the successful implementation of all the abovementioned projects and initiatives as well as the NCIPC of India. Indian government has been avoiding parliamentary oversight of these projects. This is a bad precedent that needs to be urgently taken care of. We need urgent parliamentary oversight for e-surveillance in India, Internet censorship in India, intelligence gathering in India, intelligence authorities of India, central bureau of Investigation, law enforcement agencies of India, Aadhar project of India, etc.

Even privacy laws in India, data security laws in India, data protection laws in India, etc are urgently required to be formulated. The cyber law of India must be suitably amended, perhaps repealed, to make a more robust and stringent cyber law of India. We need dedicated cyber security legal framework in India and cyber forensics laws in India.

For too long Indian parliament has been ignoring its crucial legislative business and it is high time for Indian parliament to do the needful in this regard. Contemporary techno legal issues cannot be left at the mercy and indifference of Indian parliament and Indian government as that may have serious adverse effects upon Indian economy and national security of India.

Source: ICTPS Blog

Wednesday 7 November 2012

The Indian Information Technology (Intermediaries Guidelines) Rules 2011

Information Technology (Intermediaries Guidelines) Rules 2011 of India have been prescribed to take care of the Internet intermediary legal framework of India. This is a crucial area that required a sound techno legal regime.

However, these rules are also prone to misuse by both governmental and non governmental players. This is the reason why a motion for annulment of these intermediary guidelines was moved in the Rajya Sabha as well but was defeated ultimately.

Internet intermediary law in India is incorporated in the Information Technology Act 2000 (IT Act 2000) and the Rules made there under. Internet intermediaries’ liability in India is now well established and foreign companies and websites must duly comply with the same to avoid civil, criminal, administrative and financial penalties. In short, these foreign companies and their Indian subsidiaries must ensure that they comply with the cyber law due diligence in India.

The Gazette Notification numbered G.S.R. 314(E), dated 11-04-2011, formulated the Information Technology (Intermediaries Guidelines) Rules, 2011 of India. These rules provide the rights and responsibilities of internet intermediaries in India. If the Internet intermediaries follow these rules and exercise proper cyber due diligence, they are entitled to a “safe harbour protection”. Otherwise, they are liable for various acts or omission occurring at their respective platforms once the matter has been brought to their notice.

The legal actions against foreign websites can be taken in India. Further, cyber litigations against such foreign websites would increase in India in the near future. It is of utmost importance for these foreign companies and websites to follow Indian laws in true letter and spirit.

Perry4Law and Perry4Law Techno Legal Base (PTLB) are providing the legal position regarding Internet intermediary liability in India under the IT Act 2000 in general and Information Technology (Intermediaries Guidelines) Rules, 2011 of India in particular.

The salient features of the same are as follows:

(1) The Information Technology (Intermediaries Guidelines) Rules, 2011 of India have been formulated by the Central Government in exercise of its powers conferred by clause (zg) of subsection (2) of section 87 read with sub-section (2) of section 79 of the Information Technology Act, 2000 (21 of 2000).

(2) Definitions — (1) In these rules, unless the context otherwise requires,–

(a) “Act” means the Information Technology Act, 2000 (21 of 2000);
(b) “Communication link” means a connection between a hyperlink or graphical element (button, drawing, image) and one or more such items in the same or different electronic document wherein upon clicking on a hyperlinked item, the user is automatically transferred to the other end of the hyperlink which could be another document website or graphical element.
(c) “Computer resource” means computer resources as defined in clause (k) of sub-section (1) of section 2 of the Act;
(d) “Cyber security incident” means any real or suspected adverse event in relation to cyber security that violates an explicitly or implicitly applicable security policy resulting in unauthotrised access, denial of service or disruption, unauthorised use of a computer resource for processing or storage of information or changes to data, information without authorisation;
(e) “Data” means data as defined in clause (o) of sub-section (1) of section 2 of the Act;
(f) “Electronic Signature” means electronic signature as defined in clause (ta) of sub- section (1) of section 2 of the Act;
(g) “Indian Computer Emergency Response Team” means the Indian Computer Emergency Response Team appointed under sub section (1) section 70 (B) of the Act;
(h) “Information” means information as defined in clause (v) of sub-section (1) of section 2 of the Act;
(i) “Intermediary” means an intermediary as defined in clause (w) of sub-section (1) of section 2 of the Act;
(j) “User” means any person who access or avail any computer resource of intermediary for the purpose of hosting, publishing, sharing, transacting, displaying or uploading information or views and includes other persons jointly participating in using the computer resource of an intermediary.

(2) All other words and expressions used and not defined in these rules but defined in the Act shall have the meanings respectively assigned to them in the Act.

(3) Due diligence to be observed by intermediary — The intermediary shall observe following due diligence while discharging his duties, namely: —

(1) The intermediary shall publish the rules and regulations, privacy policy and user agreement for access-or usage of the intermediary’s computer resource by any person.

(2) Such rules and regulations, terms and conditions or user agreement shall inform the users of computer resource not to host, display, upload, modify, publish, transmit, update or share any information that —
(a) Belongs to another person and to which the user does not have any right to;
(b) Is grossly harmful, harassing, blasphemous defamatory, obscene, pornographic, paedophilic, libellous, invasive of another’s privacy, hateful, or racially, ethnically objectionable, disparaging, relating or encouraging money laundering or gambling, or otherwise unlawful in any manner whatever;
(c) Harm minors in any way;
(d) Infringes any patent, trademark, copyright or other proprietary rights;
(e) Violates any law for the time being in force;
(f) Deceives or misleads the addressee about the origin of such messages or communicates any information which is grossly offensive or menacing in nature;
(g) Impersonate another person;
(h) Contains software viruses or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer resource;
(i) Threatens the unity, integrity, defence, security or sovereignty of India, friendly relations with foreign states, or public order or causes incitement to the commission of any cognisable offence or prevents investigation of any offence or is insulting any other nation

(3) The intermediary shall not knowingly host or publish any information or shall not initiate the transmission, select the receiver of transmission, and select or modify the information contained in the transmission as specified in sub-rule (2):

Provided that the following actions by an intermediary shall not amount to hosing, publishing, editing or storing of any such information as specified in sub-rule: (2) —

(a) Temporary or transient or intermediate storage of information automatically within the computer resource as an intrinsic feature of such computer resource, involving no exercise of any human editorial control, for onward transmission or communication to another computer resource;
(b) Removal of access to any information, data or communication link by an intermediary after such information, data or communication link comes to the actual knowledge of a person authorised by the intermediary pursuant to any order or direction as per the provisions of the Act;

(4) The intermediary, on whose computer system the information is stored or hosted or published, upon obtaining knowledge by itself or been brought to actual knowledge by an affected person in writing or through email signed with electronic signature about any such information as mentioned in sub-rule (2) above, shall act within thirty six (36) hours and where applicable, work with user or owner of such information to disable such information that is in contravention of sub-rule (2). Further the intermediary shall preserve such information and associated records for at least ninety days for investigation purposes,

(5) The Intermediary shall inform its users that in case of non-compliance with rules and regulations, user agreement and privacy policy for access or usage of intermediary computer resource, the Intermediary has the right to immediately terminate the access or usage rights of the users to the computer resource of Intermediary and remove non-compliant information.

(6) The intermediary shall strictly follow the provisions of the Act or any other laws for the time being in force.

(7) When required by lawful order, the intermediary shall provide information or any such assistance to Government Agencies who are lawfully authorised for investigative, protective, cyber security activity. The information or any such assistance shall be provided for the purpose of verification of identity, or for prevention, detection, investigation, prosecution, cyber security incidents and punishment of offences under any law for the time being in force, on a request in writing staling clearly the purpose of seeking such information or any such assistance.

(8) The intermediary shall take all reasonable measures to secure its computer resource and information contained therein following the reasonable security practices and procedures as prescribed in the Information Technology (Reasonable security practices and procedures and sensitive personal Information) Rules, 2011.

(9) The intermediary shall report cyber security incidents and also share cyber security incidents related information with the Indian Computer Emergency Response Team.

(10) The intermediary shall not knowingly deploy or install or modify the technical configuration of computer resource or become party to any such act which may change or has the potential to change the normal course of operation of the computer resource than what it is supposed to “perform thereby circumventing any law for the time being in force:

Provided that the intermediary may develop, produce, distribute or employ technological means for the sole purpose of performing the acts of securing the computer resource and information contained therein.

(11) The intermediary shall publish on its website the name of the Grievance Officer and his contact details as well as mechanism by which users or any victim who suffers as a result of access or usage of computer resource by any person in violation of rule 3 can notify their complaints against such access or usage of computer resource of the intermediary or other matters pertaining to the computer resources made available by it. The Grievance Officer shall redress the complaints within one month from the date of receipt of complaint.

The cyber laws due diligence requirements for companies in India are strenuous in nature and Internet intermediaries in India need to take care of the same to avoid legal troubles.

Source: ICTPS Blog

Electronic Commerce Law Firms in India

Electronic commerce (e-commerce) in India is growing at a fast pace. Along with this growth, e-commerce laws and regulations in India have also grown.  The most common one are legal requirements to start an e-commerce website in India and legal formalities required for starting e-commerce business in India.

As more and more business entities and entrepreneurs are becoming aware of the benefits of online presence and brand promotion and protection in India, e-commerce has become a popular method of doing business. Even domain name protection in India has assumed significance due to this reason.

We have no dedicated e-commerce laws in India. However, the information technology act 2000 (IT Act 2000), which is the sole cyber law of India, is regulating the e-commerce business and transactions in India. Internet intermediaries liability in India under the IT Act 2000 is very stringent.

For instance, the e-commerce players can be held liable for online infringement of copyright in India of the copyright owners. Cyber law due diligence in India is one aspect that all e-commerce site owners must frequently engage in. The present laws of India are stringent in nature and subsequently claiming ignorance of such laws would not make much difference.

Further, e-commerce regulatory requirements are techno legal in nature that very few can understand. For instance, Perry4Law is the exclusive techno legal ICT and IP law firm of India and world wide. Among other areas, techno legal services pertaining to e-commerce litigation, consultancy, corporate advisory, contract drafting, etc are by Perry4Law.

Presently, very few lawyers in India familiar with technological aspects in general and e-commerce laws in particular. Lawyers in India need to upgrade their skills and knowledge in the upcoming fields like cyber law, e-commerce, etc.

For e-commerce entrepreneurs and business houses, Perry4Law and Perry4Law Techno Legal Base (PTLB) strongly recommend that before opening an e-commerce site or business, the owner of the same must consult a good techno legal law firm that can advice him upon all the possible and applicable aspect of e-commerce laws in India.

A failure to do proper cyber due diligence before opening an e-commerce portal in India may be counter productive and attract fines, penalties and criminal sanctions. It is better if a proper legal due diligence has been done in this regard before opening the e-commerce business in India.

Source: Cyber Laws In India

Techno Legal HIPAA Compliances Services in India

Health Insurance Portability and Accountability Act of 1996 (HIPAA) is one of the most important health related legislations of United States (US). HIPPA ensures health care coverage, privacy protection, electronic information security, and fraud prevention regarding health care related issues.

Although we have no dedicated laws like HIPPA in India yet many outsourcing related services and assignments are still sent to India. Outsourcing of healthcare services to India, such as medical transcription, medical billing medical coding and medico-legal services involves the transfer and maintenance of important data are some of the areas that are managed by Indian BPO/LPO/KPO service providers of India.

However, HIPPA outsourcing services have also brought many techno legal risks that BPO/LPO/KPO service providers must take care of. Further, privacy, data security and cyber security issues have also made the scenario complicated.

Perry4Law firmly believes that these techno legal risks and compliances must be taken seriously by all stakeholders. We also believe that Indian government must pay more attention to areas like privacy, data security, data protection, cyber security, etc.

HIPPA compliance in India cannot be achieved till professionals are provided techno legal trainings regarding HIPPA. Perry4Law Techno Legal Base (PTLB) has been providing various techno legal trainings in India and abroad that include HIPPA trainings in India as well.

HIPPA compliance in India would also be required to be ensured by pharmaceutical e-commerce providers of India. Besides fulfilling the legal requirements for starting e-commerce business in India, medicines and drugs e-commerce providers of India must also comply with the requirements pertaining to websites opening in India. Cyber law due diligence in India is also required to be fulfilled by HIPAA stakeholders of India.

We hope all stakeholders would ensure HIPPA compliances in India in true letter and spirit.

Source: Corporate Laws In India