WHO ARE SILENT KILLERS OF MODIJI’S MISSION DIGITAL INDIA?

Every Indian is feeling conceited and buoyant with various revolutionary initiatives in Digital world launched by the present government under leadership of Prime Minister Hon. Narendra Modiji. All of us are certain that these seeds of Digital revolution may it be in form of Mission Digital India or Skill India program will certainly bear fruits in coming years. These seeds are sown with a futuristic view and young millennial generation of India is likely to enjoy theses fruits.

After a long time such a futuristic view and concrete steps for achieving the same have been initiated by government. Modiji need to be complimented for the same. Also all his team needs a huge round of applause for incessantly working for achieving the same.

But sadly it’s worthy to mention that all is not well in this Mission Digital India campaign. If we consider what could be outcome of the Mission Digital India after few years, I am bit afraid of predicting the same. Let me try to predict the same. 

Presently Digital population of Indian users may be around 25-30 million as per very conservative estimates and if 25% of them use it for banking as well as online shopping activities then we have roughly 10 million Indian population online. If considering they carry out monetary transactions worth Rs.500 each on weekly basis the amount involved is Rs.20, 000Million per month.

Now if Cyber Criminals target only 1% of these users, then also they are able to garner about 200 Million per month. Is it unbelievable?

Unfortunately none of us is prepared to accept the statistics presented above as it makes us terrifying about the whole scenario and these numbers does not have authenticity from any statistical wing of the government.

But even if the statistics may be doubted but it can not be denied that Cyber criminals are acting more vigorously in this niche domain of crimes.

And to top it all the role of Banks, Police, Educational Institutions and judiciary needs a careful scrutiny. To start with Bank, none of them is actively engaged in awareness about the cyber security and preventive tips. What limited they are doing is only lip service. The apex bank i.e. Reserve Bank of India is sitting on huge corpus meant for DEPOSITOR EDUCATION AND AWARENESS FUND since last few years. But none should question them!!!!!!

As reporting and investigation about such related crimes are concerned all is not too well. Our police machinery is not well educated to understand the magnitude and damaging capacity these crimes posses. They are yet to come out of traditional jurisdiction mind set and hence recurrently refuse to even register FIR, leave the hope for investigation of the same. Many a times it is observed that police are even not aware about provisions of Information Technology Act. Hence they register these crimes under IPC sections. Another difficulty with police is investigation as they don’t have well equipped Cyber Forensic Labs to analyse the modus operandi etc.

Fortunately Maharashtra Government under leadership of CM Devendra Fadanvisji has promised to set up Cyber Forensic Lab in every district place at Maharashtra. This will be a huge moral booster for Police in Maharashtra and people from Maharashtra can expect that situation will improve in coming days.

As regards to educational institutions less said is better as very few government schools and colleges have initiated such Cyber Awareness Training Programs and unless they are directed from top, they won’t initiate. In the case of CBSE institutions, CBSE has long issued directions for initiating few measures as regards Cyber Bullying etc. but whether these are functional needs a research.

Last ray of hope is Judiciary but here also all is not well!!!! The first trial court specially established to look after Civil Litigation under Cyber Contraventions is scarcely functional. Information Technology Secretary of each state is nominated to look into these matters but hardly any IT Secretary across all Indian states is serious about this additional mission given to them.

The appellate tribunal set up above Adjudicator is also non-functional since last 6 years as there is no appointment of the Chairperson of this CAT.

All other civil courts are barred from entertaining matters involving cyber contraventions and hence their jurisdiction can not be invoked.

So overall view of banking, educational, judicial and police mechanisms is not so encouraging currently and success of Mission Digital India can not be said to be in safe hands. What needs to be done is to identify these silent killers in this ambitious and much needed project and weed them out.

Unless Modiji act tough on these silent killers, in my view damage of the mission will be enormous and one of the finest projects will never take off the way it should be!!!!

Hence this appeal to PM Modiji for weeding out these damaging factors!!!!!     

APPEAL IN PUBLIC INTEREST REGARDING ONLINE SHOPPING PORTALS

This communication highlights plights of online shopping consumers and requests your support and initiative to safeguard rights of those million of innocent customers as a PUBLIC INTEREST LITIGATION highlighting the issues was dismissed on grounds that Law Making is function of Legislatures and Judiciary is not supposed to encroach on same.
Everyone is aware about new communication systems and digital technologies and dramatic changes made by them in the way we live. A revolution is occurring in the way people transact business. There is increasing use of online technologies these days in practically all walks of life. Be it online shopping or online ticket booking for train or cinema or ordering of food through online services available or online payment of various bills or recharge of mobile phones and so on and so forth.
There is unprecedented growth in online shopping activities or what is best understood as e-commerce activities in India, of late, due to increased use of technology. E-commerce activities mostly consists of buying or selling of goods and services, or transmitting the funds or data over an electronic platform mainly internet. Millions of people shop online everyday, spending hundreds of thousands of rupees. Simultaneously the number of online retailers is equally impressive; this means that you get a wide range of shops to choose from, but also with the probability that you may fall a victim of fraud through these online shops.
It has been observed that persons carrying out Online shopping activities are deprived protections of law as there is total absence of suitable legislation for protecting the online shoppers. Online shopping victims are facing discrimination in various ways when they go for registration of FIR or reporting in matters of frauds to local police station. There is complete absence of regulatory mechanism for registration, monitoring and controlling the online shopping portals unlike regulatory mechanism available for physical shops. When it comes to reporting regarding frauds or cheating through online shopping or related activities general public is finding it very difficult to report the same with local police. Many fraudulent online shopping websites and online payment gateways have come up currently and many people are being duped while carrying out online activities.
As per available statistics of 2014, online shopping base in India is about 40 million and it is expected to touch 100 million in near future. The volume of amount transacted is about to touch 60,000 crore approximately. The average annual spending of Indians on online purchases is expected to rise 67 percent to Rs. 10,000   next year, according to Assocham-PwC study. About 40 million consumers purchased something online in year 2014 and the number is expected to grow to 65 million by 2015 with better infrastructure in terms of logistics, broadband  and Internet-ready devices.
The overall e-commerce industry, valued at $17 billion (Roughly Rs. 1, 08,167 crores), has been growing at a compounded annual growth rate of about 35 percent each year, the study said, adding that it is expected to cross the $100 Billion (roughly Rs. 6, 36,281crores) mark in five years.
So if proper regulations are not framed immediately to monitor and regulate this huge amount of transaction which is being carried out through online mediums and more specifically through online shopping portals and online payment gateways anticipating the safety and security of the people, there would be immense monetary loss of people and also loss of faith in these mediums.
Many online shopping companies does not have any physical location or contact address or point of contact displayed and customers are left to the mercy of online shopping website owner in case of return or exchange of goods. It has also been observed that many online shopping portals have either published the address which is not traceable prima facie or not at all published any physical address, and there are no regulatory guidelines which mandates for verification of the address of such online shopping sites prior to uploading it on website by any government machinery. Though there is provision under Information technology (Intermediary Guidelines) Rules 2011 clause 11 for publication of name of grievance officer and his contact details as well as contact mechanism for contacting them. Under Article 302 government can impose reasonable restrictions for protecting public interest on trade and commerce activities and online shopping is also covered under the same.
Also other problem is regarding jurisdiction. Even if some victim tries to lodge complaint against such online shopping portal or payment gateway then police are not entertaining such complaints either on the ground that transaction occurred in some different jurisdiction and hence crime did not happen in their jurisdiction or the type of matter falls under Tort, i.e. civil wrong and hence no police complaint is required. This attitude of police also defeats fundamental right under article 14 of equal protection of law. There seems to be different attitudes of law enforcing agencies towards tackling of crimes through normal physical shops/stores and online shopping portals.
As per information received under Right to Information it is not specified by Government that to which department these online shopping portals or online recharge portals are answerable or reportable and hence no specific government department is proactive towards curbing malpractices in online shopping and online payment gateways activities.
The magnitude of cyber crimes being committed is unimaginable. The investigation is not properly carried out in most of the cases due to lack of proper training to law enforcing agencies. General public at large, is falling prey to many such fraudulent online shopping and payment gateways due to lack of awareness and as there is no mechanism of registration of such websites as well as payment gateways by government. This is certainly not a healthy trend as online activities are growing every passing day and people are losing huge amounts in through the same. Rather this situation of lawlessness and anarchy in cyberspace is encouraging criminals to Rule the Cyber Space for their benefit.
This can also be a serious threat to National economy. As by “following the money” many facets’ of the criminals who are perpetrating such crimes can be uncovered and that can have huge impact on national economy as well as national security.
These incidents of crimes are mostly linked with transfer of money may be small or large. In this era of globalization cross border transactions are accomplished without any control over the same and the money derived out of these fraudulent transactions can be used to finance illegal as well as terrorist activities to destabilize the state. And hence this issue needs to be addressed as utmost priority
Hence it is requested to frame rules for registration and regulation of the online shopping portals and online payment gateways, immediately, so that general public at large will not be defrauded by such fraudulent online shopping websites or online recharge portals;
Further government is requested to issue instructions to all online shopping portals and payment gateways to upload the name of grievance officer with full contact details on their website and preserve and retain the information of all the transactions carried through them for at least a period of one year.
Public Interest Litigation was filed to highlight all the above issues before Hon’ble Nagpur Bench of High Court by the undersigned but the Hon’ble court observed very rightly that Law making is essential and exclusive function of Government and hence undersigned petitioner was advised to move to respective governments and hence this representation/appeal in the public interest.

Advocate Mahendra Limaye
Cyber Legal Consultant
09422109619
CYBER CRIME HELPLINE 09225109900

RBI ACKNOWLEDGES FINANCIAL ILL- LITERACY AND LACK OF AWARENESS

                 The Reserve Bank of India has recently come up with Notification dated 21 April 2016 vide ref. no.RBI/2015-16/378 DBR No.Leg.BC.93/09.07.005/2015-16 regarding Publicity in Bank branches cautioning public against placing deposits in dubious schemes.

                The Circular says that RBI has noticed that customers receive telephone calls relating to winning of lotteries/prizes etc. or various dubious schemes have been floated where returns are higher than offered by banks on deposits. The customer believing such messages/schemes remit the required amount apart from divulging details of their accounts to the fraudsters.

               Then circular adds that absence of financial literacy and lack of alertness to fraudulent schemes/calls are the main reasons behind innocent depositors falling prey to such schemes.

               There after circular states that all Scheduled Commercial Banks including Regional rural Banks and Local Area Banks may in their own interest and as customer education effort in interest of public consider designing suitable posters or pamphlets and notices consisting messages of awareness.

                Cyber Awareness Organisation suggests some additional measures which should be implemented on priority basis for prevention of such frauds and protecting public’s hard earned money.

1)    RBI itself is sitting on huge fund known as Depositors Education and Awareness Fund since last two years and should consider releasing same for benefit of customer education and awareness as per old saying CHARITY BEGINS AT HOME!!!!

2)    RBI should mandate all the banks to carry out Customer Cyber Awareness and Education program in each branch on bi-monthly basis to impart security trainings to customers.

3)    RBI should create central helpline for speedy reporting and data analysis of such frauds so as to act faster.

4)    RBI should monitor AML reporting on weekly basis and more consistently.

5)    There has to be synchronization of LEA, RBI AND TSP’s in investigations.

6)    The payments gateways should be properly regulated.

7)    There must be some cooling time for all transactions except few where additional security or authentication measures are followed with prior approval of the customer.

8)    All payment gateways must be compliant with section 43A of I T Act.

9)    RBI should monitor KYC implementation more strictly and illiterate customers should not be provided with any type of Credit/Debit cards.    

                There are many more such suggestions like encouraging talk shows/power point presentations for creating cyber awareness among users etc.

                 We congratulate RBI for the issuance of this circular which is first step towards creating Cyber Awareness and CYBER AWARENESS ORGANISATION feels proud that its cause is at least endorsed by the Apex bank of India.

Information Technology Civil Judicial System, Is it working?

All of us know that online transactions have gained the momentum it desired and many people are finding benefits of it. There are few black sheep’s in this business also and to take action agonist them Information Technology Act was introduced as Special Act by Parliament of India. There are sections 43 and 43A which specifically deals with Civil Liability and for appealing under these sections Adjudicators have been prescribed under Information Technology Act. These Adjudicators are Information Technology Secretary of respective State governments.

To appeal against decisions of these Adjudicators, the Cyber appellate Tribunal has been constituted under said act.

So we presume that the set up is very fine and must be in order.

But reality is very different. The most progressive state Maharashtra, which was in many ways a trend setter in I T Adjudication till Mr. Rajesh Aggrawal was Adjudicator, has conducted only two hearings in last two years.

Amazing!!!!! A state with 47 cases registered in 2014, 59 cases in 2015 and 18 cases till March 2016 could conduct only one hearing in entire Year speaks itself about the way government is looking towards I T Civil Litigation's.

And it’s no good to speak about CYBER APPELLATE TRIBUNAL which is yet to see new Chairperson since last many years.

The Information Technology Department Maharashtra neither is bothered about updating its website in relation to I T Act cases nor interested in ascertaining how much Court fees is paid to it towards such litigation's.

It has to be mentioned very sadly that A country whose Prime Minister is encouraging use of Technology in every possible manner is unaware about I T Civil Judicial System.

Its no good for a country where cyber criminals are targeting innocent people who are left remediless by such Judicial apathy.  

Regulators needed for PAYMENT GATEWAYS!!!!!

Last fortnight a leading Mobile Payment gateway from India unveiled its projections to 5,00,000 online seller base by March 2017 as compared to current seller base of 1,70,000.This portal alone facilitates 300 million payment transactions per day and has set a target of 1 billion by 2020.

As I presume this ONLINE BUSINESS IS HIGH VOLUME AND LOW MARGIN BUSINESS.

When margins are low there are possibilities of compromises with the security or quality of the services customers receive. As these online companies can not compromise with bandwidth and high resolution servers they are most likely to save by compromising on security measures. These companies are for profit and not for charity and scrutinizing their business module it looks more probable that they might be compromising on security.

Section 43A of Information Technology Act mandates these service providers to follow reasonable security practices and guidelines to protect sensitive personal data and information of the users.

Another point of worry about these payment gateways, which have mushroomed recently, is very few legal or technical compliance required from government end. In a rush towards fulfilling its well deserved mission of Start up India government seems to be neglecting inherent threats in cyberspace. The cyberspace is used by entrepreneurs, end users who are techno illiterate and simultaneously by cyber criminals who are highly comfortable with technology and rather are highly techno savvy.

All are cohabiting in same cyberspace and when these payment gateways are carrying out almost a billion transactions per day collectively, the cyber criminals are bound to found out vulnerabilities in the same and exploit them for their financial gain. The biggest losers in this scenario presently are the innocent online payment gateway users and more interestingly people who don’t even opt for these payment gateways for their any transaction.

Shocked????

How people who don’t even opt for online payment gateways can be falling prey to such frauds???

The modus operandi noticed is very simple. These fraudsters obtain credit/debit card details and cvv code from such innocent people and utilise same for fraudulent transactions through these payment gateways. Payment gateways are least bothered about origin of payment or destination of beneficiary. What they are bothered about is their transaction fees and nothing else.

There are many cases where payment gateways are unable to provide complete authenticated details of beneficiaries. This is alarming situation and currently cyber criminals are exploiting it very effectively. The amount of such frauds can not be estimated with limited information available with my organisation but I am sure its figure will be unimaginable by anybody. If you prefer to guess you are welcome.

It’s high time that Payment Gateways must be brought under some sort of Regulatory mechanism!!!

This regulator will be entrusted to look into all such matters where Payment Gateways are found to be involved in some sort of fraudulent activities. For want of such regulatory mechanism, unnecessarily Good Payment Gateways are also being tarnished.

To avoid this situation and make people believe in this online payment mechanism the formation of such regulator is NEED OF HOUR.