Showing posts with label Cyber Law Due Diligence In India. Show all posts
Showing posts with label Cyber Law Due Diligence In India. Show all posts

Saturday, January 28, 2012

India Must Invent Alternatives Of DMCA Complaint To Google And Others

Of late foreign companies and websites like Google, Facebook, etc are increasingly finding themselves in the legal net of India. In fact, a criminal case is already pending against Google, Facebook, etc for failure to exercise cyber law due diligence.

If websites like Google, Facebook, etc fail to exercise cyber law due diligence as per the requirements of Indian information technology act, 2000 (IT Act 2000), the Internet intermediary protection is lost. All that is required to make Internet intermediaries like Google, Facebook, etc liable under Indian laws is to notify them about the objectionable contents.

The objectionable contents may take the form of defamatory contents, cyber stalking, pornography, religious riots incitement materials, intellectual property violating contents, etc. Indian cyber law allows 36 hours to such Internet intermediaries to remove the offending contents from their platforms.

While there is no problem in applying Indian laws to foreign companies and websites operating in India yet these companies and websites use the façade of parent company by declaring themselves as mere subsidiaries of such parent companies. And when these parent companies are called to comply with Indian laws, they openly deny the same by saying that they are governed by foreign laws.

Naturally, Indians also cannot be forced to follow foreign laws like Digital Millennium Copyright Act (DMCA) 1998 and Online Copyright Infringement Liability Limitation Act (OCILLA).

As many of you may be aware that we are currently pursuing a copyright violation, trademark infringement and impersonation matter with Google Incorporation and Google India. Further, Perry4Law and Perry4Law Techno Legal Base (PTLB) have also provided their suggestions to US Copyright office regarding remedies for small copyright claims in United States so that interests of small copyright holders can be protected.

We have also filed a DMCA complaint to Google Incorporation (US) and a notice under IT Act 2000 to Google India on 22-01-2012 for copyright violation, trademark infringement and impersonation.

From the responses we received so far, it seems Google Incorporation is not willing to respect and comply with Indian laws and Indian legal requests even if DMCA procedure is duly complied with. We are still waiting for the response of Google India and would proceed further once the time limit of 36 hours is expired.

However, this has forced us to think in a very different direction. We believe that India must take urgent steps so that companies and websites like Google, Facebook, etc comply with legal demands as per Indian laws as well. We suggest the following in this regard:

(1) All subsidiary/Joint ventures companies in India, especially those dealing in information technology and online environment, must mandatorily establish a server in India. Otherwise, such companies and their websites should not be allowed to operate in India.

(2) A stringent liability for Indian subsidiaries dealing in information technology and online environment must be established by laws of India.

(3) More stringent online advertisement and e-commerce provisions must be formulated for Indian subsidiary companies and their websites.

Further, US government needs to change its policies towards foreign IP infringements and enforcements. Incidences like not following laws of other jurisdictions are responsible for enacting harsh laws like SOPA and PIPA. These incidences are also responsible for filing of civil and criminal complaints against companies like Google in India.

Indian government and Indian courts need to consider these aspects while deciding various cases against foreign websites and social media platforms. If Indian intellectual property and cyber laws are not respected, there is no other option but to choose a harsh stand of foreign websites blocking in India.

The matter would come for hearing before the Delhi High Court on 02-02-2012 and we hope the Delhi High Court would take judicial note of these facts also while adjudicating upon that matter.

Monday, January 16, 2012

Corruption And Technology Related Due Diligences In India

The recent spate of corruption related disclosures in India has sent a strong message to Indian and foreign companies to ensure that their business are strictly in compliance with Indian and foreign laws. Naturally, companies that have entered into merger and acquisitions (M&A) in the past are now looking forward to ensure that nothing fishy happened during such M & A transactions.

These Indian and foreign companies are worried about the potential legal and tax liabilities arising out of various scams and corporate frauds and they are engaging law firms to do a due diligence analysis on the M&As or foreign direct investments (FDIs) they’ve made in India. Law firms are carrying out legal due diligence exercises to detect any loopholes that could result in liabilities on behalf of their clients to avoid litigation possibilities arising out of deals done in the past.

Some multinational companies are also doing legal due diligence to ensure that the Indian subsidiaries and companies they are about to invest or have already invested in are complying with the foreign laws like Foreign Corrupt Practices Act (FCPA) 1977 of the US and the UK Bribery Act 2010.

Even companies that are now exploring the possibility of M&A are taking precautions before entering into such partnerships. While there is no particular department for dealing with all the aspects of corporate business at a single place (Ministry of Corporate Affairs deals with corporate matters) yet department of information technology (DIT) is the chief department that deals with technology related issues. These include cyber law, cyber security, e-commerce, e-governance, spectrum allocation, telecom licensing, etc.

However, till now companies were not very cautious in their dealings in cyberspace and technology related fields. The information technology act 2000 (IT Act 2000) is the cyber law of India that prescribes various cyber law due diligence in India for areas like e-commerce, e-governance, Internet intermediary liability in India, social media due diligence in India, etc.

However, companies are in controversy these days in India. For instance, doubts have been raised regarding the manner in which Reliance and Airtel blocked websites in India. Similarly, some have even suggested that DIT must investigate the case of blocking of websites in India by Reliance, Airtel and other Internet service providers (ISPs).

Similarly, companies like Google, Facebook, etc are already in cyber law legal tangle in India. Indian government is claiming that these companies failed to comply with Indian laws, including cyber law of India. While the guilt or innocence of these companies is still to be established yet this episode has shown the importance of cyber due diligence for Indian companies.

Cyber crimes at social media websites in India are increasing and these social media platforms cannot ignore the same especially once they are made aware of the same. The social media websites investigation in India is going to increase and more and more e-discovery for social media in India would be conducted. Even cyber law due diligence for banks in India is going to increase.

Another area that requires a special mention is the contemporary practice known as e-legal due diligence in India. This requires domain specific techno legal expertise and a sound knowledge of both technical and legal aspects. It is an advanced and improved form of traditional legal due diligence in India that is done in an offline environment. With companies now shifting their data and information to data centers and virtual data rooms (VDRs), e-legal due diligence in India and abroad would be the norm.

Perry4Law and Perry4Law Techno Legal Base (PTLB) strongly recommend that Indian and foreign companies must conduct a thorough corruption and technology related due diligence analysis in India as soon as possible.

Wednesday, January 4, 2012

Social Media Websites Investigation In India

Social media websites have become ubiquitous these days. Ask any Internet using person or organisations and he/it would tell you about usage of some form of social media websites. Social media is not only helpful in projecting own policies, thoughts and ideas but is also helpful in exploring new ventures and partnerships.

However, abuses of social media are also rampant. Social media is occasionally used for committing various cyber crimes and cyber contraventions. Although we have no dedicated social media laws in India yet the information technology act, 2000 (IT Act 2000), the cyber law of India, carries some provisions in this regard. These provisions have mandated social media due diligence in India for these platforms.

Further the cyber law of India has also prescribed an Internet intermediary liability in India. According to this liability social media websites in India are required to observe due diligence in order to escape civil and criminal sanctions.

The cyber law due diligence in India has now become well established and companies, social media websites and Internet intermediaries cannot take it lightly. However, this has not restrained the cyber criminals to use social media websites for criminal purposes. Even in many cases these social media websites fail to observe due diligence especially when they have actual knowledge of the offending act. This has resulted in an increased prosecution of social media websites in India.

The prosecution of social media websites in India is going to increase tremendously if they keep on ignoring the cyber law of India. Presently, the cyber crimes investigation in India is not upto the mark and this in many cases result in non prosecution of the offenders. With the growth of e-discovery in India and cyber forensics in India more prosecution of social media websites would be witnessed. E-discovery for social media in India is going to increase as the social networking laws in India are pointing towards this direction.

In short, cyber due diligence for Indian companies is increasingly being enforced and social media websites are no exception to this rule. Social media websites investigation in India is going to increase in future and these platforms must be well prepared to deal with this same.

In their own interest, social media websites must not only meet the cyber due diligence requirements but must also ensure e-discovery compliances so that social media websites investigation can be facilitated and they can defend themselves more appropriately in various court cases and quasi judicial forums.

Monday, January 2, 2012

Electronic Legal Due Diligence In India

Legal due diligence in India is not a new concept. Legal due diligence involves assessing the suitability, efficiency and viability of a company or organisation. Legal due diligence may be required to meet statutory and regulatory requirements or it may be necessary when a company wishes to invest in another company.

A contemporary form of legal due diligence, especially for companies and individuals engaged in information and communication technology (ICT) related services, is known as cyber due diligence. Cyber law due diligence in India has become mandatory due to the stringent nature of cyber law of India. In fact, cyber due diligence for companies in India and cyber due diligence for banks in India has already been prescribed. Similarly, cyber security due diligence in India is also becoming a must to have requirement.

Securities and Exchange Board of India (SEBI) is planning to use electronic initial public offer (IPO) in India. Foreign investments in pharmaceutical in India has been liberalised by Reserve Bank of India. Similarly, foreign direct investment (FDI) in India has also been liberalised in many crucial areas. Naturally, lots of investments, IPOs, private equity funds exchange and many more collaborative and cooperative activities would take place in India in the year 2012.

These developments would also make legal due diligence necessary. However, the traditional legal due diligence procedure relies heavily upon paper based documents and transaction. A better option is to engage in electronic legal due diligence in India (e-legal due diligence in India). The e-legal due diligence in India is cost effective, timely and efficient. It also can provide the best possible results for legal due diligence purposes.

Even legal frameworks are in the process of being established to accommodate these contemporary changes. For instance, the electronic delivery of services bill 2011 (EDS Bill 2011) has been proposed by Indian government that would make electronic delivery of services in India an acceptable norm.

Similarly, existing legal frameworks also facilitates digital preservation in India, e-governance, e-commerce, etc that would also require e-legal due diligence in India. The public records keeping framework of India requires keeping of public records that very few organisations in India are doing. Of course, public records keeping framework of RBI is an exception in this regard. Public records are also required to be maintained by the information technology act 2000 and right to information act 2005 of India.

All these requirements of public records keeping and e-legal due diligence in India can be managed by establishing virtual data rooms (VDRs). Many leading companies are already using VDRs to ensure legal due diligence in a smooth and efficient manner. With VDRs thousands of pages of content can be made available in just 24hrs or less. VDRs provide a secure and highly efficient method for sharing critical business information for electronic due diligence in merger and acquisition (M&A) advisory, IPO and secondary offerings, asset purchases, venture capital due diligence, bio tech licensing, commercial and corporate real estate ventures, financial restructuring, preparing for exit strategies, and many other transactions that require large amounts of document sharing.

Further, e-legal due diligence in India would also ensure that electronic discovery (e-discovery) requirements in India are duly met whenever needed. E-discovery services in India would be required in near future in India and e-legal due diligence can greatly facilitate the same. Individuals and companies must start exploring using e-legal due diligence as soon as possible for greater benefits of their own.

Friday, December 23, 2011

Cyber Due Diligence For Indian Companies

Cyber due diligence in India has finally arrived in India. The information technology act, 2000 (IT Act 2000) is the sole cyber law of India. IT Act 2000 prescribes cyber due diligence requirements on the part of various stakeholders like banks, companies, individuals, Internet intermediaries, e-commerce sites, etc.

However, till now cyber due diligence in India has not been taken seriously. This is so because cyber law awareness is not very good among various stakeholders. Similarly, civil and criminal prosecutions for lack of cyber due diligence in India is a rare phenomenon. Since ignorance of law if no excuse, in future cases for lack of cyber due diligence would increase in India.

IT and cyber frauds in Indian companies is increasing these days. However, a majority of Indian companies are not performing cyber due diligence in India. The companies in India are required to follow cyber law due diligence in India and cyber security due diligence in India. In the absence of proper due diligence these companies may find themselves in trouble.

Social media laws in India and social networking laws in India would bring their own share of cyber due diligence. Cyber law on social media and networking sites in India is pretty stringent and employees of a company may violate the same intentionally or unintentionally. Internet intermediary law in India and cyber due diligence cannot be taken lightly in India anymore.

Another sector that is urgently demanding cyber due diligence is banking industry of India. Cyber due diligence for banks in India is long due. Banks and companies in India are facing growing threats from malware attacks, phishing attacks, ATM frauds, online banking threats, trading fraud, etc. If a bank cannot show that it performed cyber due diligence and such cyber frauds and cyber crimes occurred without its negligence, it may be required to bear the financial loss. Presently Indian banks are not complying with cyber law due diligence requirements in India.

Finally, the scope and use of e-discovery in India is also increasing. Whether it is a corporate investigation, civil suit or criminal proceedings, e-discovery is playing a decisive role world over. Further, e-discovery laws and practices in India are developing as well. Even e-discovery related litigation, LPO and KPO services in India are growing.

Perry4Law and Perry4Law Techno Legal Base (PTLB) strongly recommend that cyber due diligence training in India needs to be developed so that cyber due diligence compliances by various stakeholders is possible. This training should be a regular and integral part of the corporate strategy of each company. There is no escape from cyber due diligence in India and companies must accept this reality as soon as possible.

Wednesday, August 17, 2011

Cyber Security Laws, Lawyers And Law Firms

Techno legal fields like cyber law, cyber security, cyber forensics, cyber warfare, cyber terrorism, etc were never considered to be a cup of tea for lawyers and law firms. This may be due to many factors like lack of knowledge, absence of suitable cyber security laws, non remunerative nature of techno legal issues, etc.

One positive development that I have recently noted about these techno legal fields is that lawyers and law firms have started exploring the areas like cyber law, cyber security, cyber forensics, etc. Although the number of such lawyers/law firms is negligible yet the growing interest in the techno legal fields would increase such number sin future.

Further, techno legal issues would also change the way traditional businesses and transactions would be carried out in future. For instance concepts like cyber insurance, online dispute resolution, e-courts, digital evidencing and e-discovery, media forensics, cyber forensics, etc would be very much used in future.

However, technology laws have their own peculiar problem. Cyber laws are generally curative in nature as against the desirable preventive requirements. They are formulated keeping in mind the crimes/cyber crimes that have already taken place instead of what cyber crimes can possibly happen in future. In short, cyber laws must be “futuristic” in nature as against “historical” in their applicability.

A very crucial factor that has resulted in limited growth of cyber law and cyber security practice world over is that we have no internationally acceptable cyber law treaty and international cyber security treaty. For instance, India is not a party to any international cyber law treaty and is thus free to formulate its cyber laws as per its own requirements.

However, the cyber laws due diligence requirements are already well laid down world over, including India. Business houses and companies cannot take these requirements of cyber due diligence casually. Even the Reserve Bank of India (RBI) has asked banks to ensure robust cyber security for their banking transactions. Despite these cyber due diligence and cyber security requirements, companies, banks and organisations are not coming forward to adopt them.

Naturally, with the increase of litigations and disputes only, these stakeholders would come forward to check the legal issues arising out of use of technology by them. Further with an active use of public private partnership (PPP) model by all countries of the world, governments and private players are combining their knowledge and resources to provide better results. Slowly and steadily lawyers and law firms would also joined this PPP model.

With issues like cyber espionage and cyber warfare, the traditional armed forces and legal fraternity are now collaborating upon a very unique platform where lawyers need to have a sound knowledge of both law and technology. It seems the techno legal community alone would be able to dare to explore issues like cyber law, cyber security, etc in future.