Monthly Archives: November 2013

Indian Virtual Currency Schemes And Reserve Bank Of India

Indian Virtual Currency Schemes And Reserve Bank Of IndiaBanking industry of India is trying to capatilise the benefits of information and communication technology (ICT). The same is not possible till the modern banking infrastructure is supported with appropriate legal framework in this regard. It has been reported that an integrated modern banking law for India in pipeline. Till now there is no sign of any such much need integrated banking law of India.

The Reserve Bank of India (RBI) is slow in this regard even though RBI has acknowledged risks of e-banking in India. Although RBI has recently directed that all banks would have to create a position of chief information officers (CIOs) as well as steering committees on information security at the board level at the earliest yet these recommendations have not been implemented by the banks.

This is so despite the fact that the Security and Risk Mitigation Measures for Card Present Transactions in India have been brought into force by RBI. According to the Circular numbered RBI/2013-14/296, DPSS (CO) PD No.719/02.14.011/2013-14, issued on September 27, 2013, RBI has finally brought into force the mandatory provisions of the circular numbered DPSS.PD.CO.No.513 / 02.14.003 /2011-2012 dated September 22, 2011 on security issues and risk mitigation measures related to Card Present (CP) transactions and circulars DPSS (CO) PD No.1462 / 2377/ 02.14.003/2012-13 dated February 28, 2013 and June 24, 2013 respectively on security and risk mitigation measures for electronic payment transactions, wherein various timelines were indicated for compliance.

Indian banks are poor at cyber security implementation and even this measure of RBI would fail to achieve the desired objectives. While these measures are still waiting to be implemented by Indian banks, RBI is Exploring Use of Encrypted SMS Based Fund Transfers in India. However, India is not ready for Mobile Governance and the Mobile Payments Cyber Security in India is needed before implementing such ambitious initiatives.

All these factors would play a decisive role in the implementation or non implementation of any virtual currency scheme applicable in India. The Financial Stability Report by Reserve Bank of India (RBI) June 2013 (PDF) is another significant report regarding virtual currency schemes in India.

The report indicates that alongside the rapidly increasing use of technology in banking and finance in recent years, the risks emanating from abuse and failure of technology have also risen. The recent cases of cyber frauds at some banks have highlighted the increasing complexity, sophistication and diversity in the risks to the security and integrity of technology based banking and finance. Globally, the use of online and mobile technologies is driving the proliferation of virtual banks, virtual currencies and provision of banking and payment services by unlicensed entities. While leveraging on technology has resulted in many benefits, especially, in extending the reach of the financial services, these developments pose challenges in the form of regulatory, legal and operational risks.

One of the main risks related to the information technology (IT) systems in banks relates to the obsolescence of the technology and processes built according to the needs of the then prevailing regulatory-cum-business environment. Therefore, a review of suitability of the existing IT infrastructure is required to be carried out to assess the capability of the IT systems to handle the changing demands of business and compliance functions in the evolving environment.

According to the document titled Virtual Currency Schemes by European Central Bank October 2012 (PDF), a virtual currency can be defined as a type of unregulated, digital money, which is issued and usually controlled by its developers, and used and accepted among the members of a specific virtual community. The virtual currency schemes provide a financial incentive for virtual community users to continue to participate and are able to generate “float” revenue for their owners. They also provide a high level of flexibility regarding the business model and business strategy for the virtual community.

There are different kinds of virtual currency schemes in vogue at present. While for some kinds of virtual currencies there is no interaction or exchangeability with the “real” currency, for others the relationship with the real money, goods and services is more active and direct. The “closed” virtual currency schemes, which are mostly used in online games, have no connection with the real money. Some virtual currency schemes offer the facility of a (mostly unidirectional) conversion rate for purchasing the virtual currency, which can subsequently be used to buy virtual goods and services. Under another category of virtual currency schemes which provide for bidirectional flows, the virtual currency acts like any other convertible currency, with two exchange rates (buy and sell). In such schemes, the virtual currency can be used to buy not only the virtual goods and services, but also to purchase real goods and services. Virtual currency schemes are different from electronic money schemes as the virtual currency being used as the unit of account has no physical counterpart with legal tender status.

A virtual currency scheme may also be designed to compete with traditional currencies used for international trade. The absence of a distinct legal framework implies that the traditional rules under financial sector regulation and supervision, including the institution of central banks, are not involved in the case of virtual currency. Also, the unregulated link between virtual currency (if permitted), and traditional currency with a legal tender status poses challenges as the complete control over the differently denominated virtual currency is given to its issuer, who governs the scheme and manages the supply of money at will.

The regulators are studying the impact of online payment options and virtual currencies to determine potential legal, regulatory and other risks associated with them.

Bitcoins, Their Functionality And Legality Of Use

PRAVEEN-DALAL-MANAGING-PARTNER-OF-PERRY4LAW-CEO-PTLBDigital or Virtual Currency is gaining importance day by day. In many Jurisdictions these Digital Currencies are allowed to be used to purchase goods and services. They can also be traded for real money in real world in many Jurisdictions.

The most prominent Digital Currency of contemporary times is known as Bitcoin. Although many Jurisdictions have tried to regulate Bitcoins yet they have not achieved much success in this regard. Even the United States Federal Bureau of Investigation (FBI) temporary closure of the online black market Silk Road has made little effect on Bitcoins.

So what is a Bitcoin and how it works? According to Wikipedia, Bitcoin is a peer-to-peer digital currency that functions without the intermediation of a central authority. The concept was introduced in a 2008 paper by a pseudonymous developer known as Satoshi Nakamoto.

Bitcoin has been called a crypto currency because it is decentralized and uses cryptography to control transactions and prevent double-spending, a problem for digital currencies. Once validated, every individual transaction is permanently recorded in a public ledger known as the blockchain. Payment processing is done by a network of private computers often specially tailored to this task. The operators of these computers, known as “miners”, are rewarded with transaction fees and newly minted Bitcoins.

Bitcoins are stored by associating them with addresses called “wallets”. Wallets can be stored on web services, on local hardware like PCs and mobile devices, or on paper print-outs. Thefts of Bitcoins from web services and online wallets have been covered in the media, prompting assertions that the safest way to store Bitcoins is in secure paper wallets.

With the growing significance of Bitcoins, Cyber Criminals have started targeting the same. In many cases Bitcoins have been stolen by Cracking the Computer Systems, by compromising the Private Encryption Key and by using other “Innovative Methods”. The latest to add to this series is the use of Distributed Denial of Service Attack (DDOS) against the Institutions managing Bitcoins and demanding ransom for ceasing to do so.

The Technological Structure of Bitcoins is such that once they are transferred, either legally or illegally, it is very difficult to reverse the transaction. Of course, if the parties to the transaction can be identified and both of the parties agree to reverse the transaction that is still possible. But such a scenario is very rare in the present times.

Governments and Regulatory Bodies around the World are wary to deal with Bitcoins. Every attempt to label Bitcoins illegal has only kick backed. United States has just realised that if it is too harsh to the Bitcoins, the Bitcoin Infrastructure may shift to more friendly destinations like China. Besides many Countries would encourage Bitcoins to operate in their Jurisdictions as this would benefit their Economy and may damage the grip of Dollar in the World Market. The dealing in Bitcoins in India is still A “Grey Area” and it is not safe to consider it “Strictly Legal”. Till the time Indian Government or other Regulatory Authorities of India make use and dealing of Bitcoins Legal in India, the use of the same in India is at the own “Legal Risk” of concerned person or Institution.

Provisional And Regular Licence Under The Sikkim Online Gaming (Regulation) Act, 2008

Provisional And Regular Licence Under The Sikkim Online Gaming (Regulation) Act, 2008Sikkim is the most liberal State for allowing online gaming and betting in India. As per the Constitution of India, gambling and betting is a State Subject and States are free to enact laws as per their own requirements.

The Sikkim Online Gaming (Regulation) Act, 2008 has provided a legal framework for online gaming in India. This is a revolutionary piece of legislations as it has tried that no other State has been able to achieve. The 2008 Act has been notified (PDF) and it is now operational in the State of Sikkim. Even an authorised officer (PDF) has been appointed under the 2008 Act by the Sikkim Government.

In order to make the provisions of 2008 Act operational, the Sikkim Online Gaming (Regulation) Rules, 2009 (PDF) were formulated. Perry4Law and Perry4Law’s Techno Legal Base (PTLB) have discussed these Rules 2009, along with necessary 2009 amendments, for the larger interest of all stakeholders.

Under the Sikkim Online Gaming (Regulation) Act, 2008 there are provisions regarding granting of provisional and regular licences.

A provisional licence is first issued by the Government of Sikkim if it is satisfied that the application made by the applicant complies with all the requirements prescribed in this regard. A fee of Rs. 1 lakh must be given by the applicant and he/she/it must set up the necessary infrastructure and other requirements so as to be in a position to commence operation of online games and the sports games.

If the Government is satisfied that the applicant is fully ready to commence operations of online gaming and sports gaming activity and has complied with the stipulations prescribed in the said provisional licence and such other terms and conditions prescribed in the Act and Rules, the Government may grant a regular licence for operation of online games and sports games in Form-2A for five years on payment of a fee of five lakh rupees.

For enabling the conduct of Online Games and Sports Games specified under Rule 3 of the Sikkim Online Gaming (Regulation) Rules, 2009 the following terms and conditions shall apply:

(1) The provisional licence is issued for the specific purpose of enabling the applicant company to set up and establish the entire requisite infrastructure and other components necessary for actual commencement of online gaming and sports gaming activity.

(2) The provisional licence does not confer any right to the licensee to commence its online gaming and sports gaming unless and until all the requirements stipulated by the State Government are fulfilled and the regular licence is issued by the Government.

(3) The Licensee shall operate Online Games and Sports Games from Sikkim only.

(4) The Licensee shall commence actual online gaming and sports gaming operations, i.e., “go live” within 120 days.

(5) The licensee should make available only the games specified under rule 3 of the Sikkim Online Gaming (Regulation) Rules, 2009. If the licensee intends to include new games, prior approval of the Government must be obtained.

(6) The Licensee shall allow any Officer authorized by the Government to inspect the setup process or inspect premises from where the online games are to be operated.

(7) The Provisional licence is valid for 120 days from the date of issue and immediately on the licensee intimating in writing to the Government that it is ready to commence actual online gaming and sports gaming operations, i.e., “go live” and on such determination by the State Government that the applicant licensee has complied with the stipulations prescribed hereinabove and such other terms and conditions prescribed in the Act and Rules, the licensee may be granted a regular license for a period of five years on payment of fees of five Lakhs rupees as provided under the Rules.

(8) The Licensee shall pay to the Government a sum of one lakh rupees as Provisional License fee through a Bank Draft in favour of the Director, Sikkim State Lotteries, and submit the same before issue of the said licence.

(9) The provisional license is liable to be cancelled if the licensee violates any of the above terms and conditions and the provisions of the Sikkim Online Gaming (Regulation) Act, 2008 and the rules made thereunder.

Telemedicine And Online Pharmacies Laws In India And Their Legal Implications And Liabilities

Telemedicine And Online Pharmacies Laws In India And Their Legal Implications And LiabilitiesInformation and communication technology (ICT) is proving a useful tool in all spheres of our day to day lives. This also applies to the healthcare sector of India. Medical practitioners and hospitals have started using ICT to effectively manage their medical services.

However, there is a problem with this growing use of ICT by medical practitioners and hospitals. In their zest to use ICT for furthering their medical objectives, these medical practitioners and hospitals are flouting Indian laws. Simply putting we have no dedicated telemedicine laws in India and online pharmacies laws in India. However, different laws of India govern the telemedicine and online pharmacies aspects in India.

As on date the online pharmacies in India are violating Indian laws and Indian government is well aware of these violations. In fact, online pharmacies websites of India are under regulatory scanner and punishment may follow. Despite contrary beliefs, online sales of prescribed medicines in India cannot be done through a mere opening of website.

The growing craze of e-commerce among Indian medical entrepreneurs has witnessed a spurt of many online pharmacies and telemedicine operations in India. However, most of them are violating the laws of India and some of these laws prescribe very serious punishment for these violations.

While we have basic level e-commerce legal framework in India yet e-health related legal framework is missing. For instance, e-health in India is facing legal roadblocks. Till now we do not have any dedicated e-health laws and regulations in India. The legal enablement of e-health in India is urgently required.

When technology is used for medical purposes, it gives rise to medico legal and techno legal issues. In United States, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Health Information Technology for Economic and Clinical Health Act (HITECH Act), etc are some of the laws that take care of medico legal and techno legal issues of e-health and telemedicine.

As far as India is concerned, we have no dedicated e-health and telemedicine laws in India. Even essential attributes of these laws like privacy protection, data protection, data security, cyber security, confidentiality maintenance, etc are not governed by much needed dedicated laws. Time has come to enact a dedicated law that allows online sales and purchase of prescribed drugs and medicines in India.

There is a tendency among medical e-commerce players in India to ignore Indian laws. The Walmart probe , banned drugs regulation in India , e-trading of medicines, digital communication channels , etc have proved that Indian laws must not be taken lightly.

Similarly, many telemedicine and online pharmacies initiatives in India rely upon cloud computing without knowing and following the legal and regulatory issues of cloud computing in India.

Those engaged in telemedicine and online pharmacies must keep in mind the legal requirements prescribed by Indian laws like Information Technology Act 2000, Drugs and Cosmetics Act, Indian Medical council Act, Code of Ethics Regulations 2002, etc.

The biggest mistake that most of the telemedicine and online pharmacies initiatives in India commit is by believing that offline medico legal requirements can be safely used for online requirements. This is not true and is a fatal misconception as it may bring legal consequences and liabilities.

Online dealings of medicines and healthcare services have their own set of problems and legalities and they must be fully complied with to do an online business. Selling medicines online and providing of online healthcare services in India is not like selling other day to day commodities and they have grave risks attached with their very dealings. Great precautions and absolute compliance with the laws of India is required for their online operations.

The ultimate call is for Indian government to take as it has failed to regulate this much needed field so far. Not only Indian government failed to make dedicated laws in this regard but it has also failed to take stringent action against those who are running illegal online pharmacies and telemedicine shops in India.

Delhi High Court Directs Central Government To Issue Notification Regarding Electronic Signature Under IT Act 2000

Delhi High Court Directs Central Government To Issue Notification Regarding Electronic Signature Under IT Act 2000In a significant development, the Delhi High Court has directed the Central Government to issue a notification notifying the electronic signature that can be used to authenticate electronic records, including e-mails. The Information Technology Amendment Act, 2008 (IT Act 2008) brought the concept of electronic signature in force but till now the Central Government has not issued any notification and the concept of electronic signature is still not implemented.

As on date the only method of authentication of electronic records in India is the use of digital signature. However, not everybody owns a digital signature. Similarly, the Indian Government has prescribed different digital signatures for different purposes and there is no common digital signature that can be used at all places and for all purposes.

There is a confusion regarding the validity of electronic legal notices and processes in India through e-mails and this litigation is a significant development in this regard. The Delhi High Court is analysing e-mail policy of India and complaint mechanism to Facebook in the present litigation.

The core issues before the Delhi High Court is whether government documents can be shared through private e-mail providers like Google, Yahoo, etc and how to file a complaint with websites like Facebook using electronic signature. To start with India must ban Gmail and Yahoo e-mails for official communications and sharing of official documents. A petition is also pending before the Supreme Court of India vis-à-vis Public Records Act, 1993.

There is a direct relationship between the Public Records Act, 1993 and IT Act 2000. Perry4Law has released a research report in this regard that can be used by Indian Government while formulating the e-mail policy and electronic signature provisions. Similarly, there is a relationship between Right to Information Act, 2005 and Public Records Act 1993.

As per TOI, the Delhi High Court has asked the Centre to issue a notification on the electronic signature required by an individual to send a complaint to Facebook through e-mail. A Division Bench of Justice BD Ahmed and Justice Vibhu Bakhru told the Central Government’s counsel to seek instructions in this regard. The direction came after the petitioner alleged that Facebook was adopting a cumbersome procedure for users to send a complaint to its grievance officer. It also asked the Government to ensure that other social networking sites appointed a grievance officer.

The Bench observed that the provision with regard to electronic signature under Information Technology Act is, till date, blank. The Centre’s advocate was asked to seek clarification when the Central Government is going to bring its notification. The Court also directed the Centre to finalise, within a month, its e-mail policy for official communication by government officers in consonance with the Public Records Act in order to bar transfer of data to a server outside the country.  Indian Government may force companies like Facebook, Google, etc to establish servers in India by allowing them to commercially operate in India only once they comply with Indian laws.

This is a much needed step in the present circumstances as per cyber law experts of India as companies like Google, Facebook, etc continue to violate Indian Laws. Similarly, the Internet telephony and VOIP service providers must establish servers in India very soon.

However, India must ensure techno legal measures to regulate Indian cyberspace in the long run as knee jerk reactions and short term solutions would not be very helpful. Presently Indian Government is taking companies like Google lightly and Google is openly violating various laws of India. Despite Google openly flouting the Laws of India, Indian Government has failed to take any action against it in this regard. If this continues, there would be stage where Indian laws would become irrelevant for foreign and Indian technology companies.

Validity Of Electronic Legal Notices And Processes In India Through E-Mails

Validity Of Electronic Legal Notices And Processes In India Through E-MailsAt Perry4Law we receive numerous legal queries regarding legality of sending and receiving of a legal notice through electronic mail (E-Mail) or other electronic mediums. In order to spread public awareness in this regard, we are providing the legal position as applicable in India.

The Information Technology Act, 2000 recognises sending of electronic records for various purposes, including legal notices, if certain conditions are satisfied. Both Supreme Court of India and the Delhi High Court have already prescribed guidelines in this regard.

A Three Judge Bench of Supreme Court of India in Central Electricity Regulatory Commission v. National Hydroelectric Power Corporation Ltd, Civil Appeal No. (D.21216/2010), (2010) 10 SCC 280 observed that in various Courts, the statistical data indicates that, on account of delay in process serving, arrears keep on mounting. In Delhi itself, the input indicates that fifty per cent of the arrears in Courts particularly in commercial cases is on account of delay in process serving.

For the above reasons, the following directions, as mentioned hereinbelow, are given:

(i) In addition to normal mode of service, service of Notice(s) may be effected by E-Mail for which the advocate(s) on-record will, at the time of filing of petition/appeal, furnish to the filing counter a soft copy of the entire petition/appeal in PDF format;

(ii) The advocate(s) on-record shall also simultaneously submit E-Mail addresses of the respondent(s) Companies/Corporation(s) to the filing counter of the Registry. This will be in addition to the hard copy of the petition/appeal;

(iii) If the Court issues notice, then, in that event alone, the Registry will send such an additional notice at the E-Mail addresses of the respondent(s) Companies/Corporation(s) via E-Mail;

(iv) The Registry will also send Notice at the E-Mail address of the advocate(s) for respondent(s) Companies/Corporation(s), who have filed caveat. Advocate(s) on-record filing caveat shall provide his/her E-Mail address for effecting service; and

(v) Within two weeks from today, Cabinet Secretariat shall also provide centralized E-Mail addresses of various Ministries/Departments/ Regulatory Authorities along with the names of the Nodal Officers, if already appointed, for the purposes of service.

The above facility is being extended in addition to the modes of service mentioned in the existing Supreme Court Rules. This facility, for the time being, is extended to commercial litigation and to those cases where the advocate(s) on-record seeks urgent interim reliefs.

The Delhi High Court, in exercise of powers under Part X of the Code of Civil Procedure, 1908 (5 of 1908) and Order V, Rule 9 of the Code of Civil Procedure, 1908 and all other powers enabling it in this behalf, has also made Rules regarding service of legal notices through E-Mail. These rules allow service of legal notices and processes through E-Mails if the conditions prescribed therein are duly complied with.

Similarly, A Division Bench of Chief Justice Dipak Misra and Justice Sanjiv Khanna has ensured early release of undertrials and accused who are granted bail by directing all Delhi courts as well as its own officials to e-mail a copy of bail orders to Tihar jail authorities within 24 hours of being pronounced.

The Supreme Court of India and the Delhi High Court are also working in the direction of establishment of E-Courts in India as soon as possible. Presently, computerisation work has been finished to a greater extent and we may witness the e-filing facility as well in the near future. Once linked to the National Judicial Data Grid (NJDG), a proper e-court infrastructure can be established in India.

So those who believe that legal notices or legal processes cannot be sent through e-mail must think again as the necessary legal and judicial framework in this regard already exists in India.