Tuesday, June 30, 2015

Ecommerce websites are legally liable for service defects: Indian Law

E-commerce shopping websites liable for deficient service

Online shopping is becoming increasingly popular because it saves time and the bother of travelling, prices are competitive, and returns are accepted. In some cases, the seller's name is disclosed, but the address and contact numbers are withheld. This is done in the portal's business interests, so that the buyer and seller do not strike a deal directly, depriving the portal of its commission.

The consumer deals with the portal, makes payment to the portal and follow-ups too are via emails to the portal. Yet, when a problem arises, the portal shuns responsibility by claiming it is only a trading platform to bring the buyer and the seller together, and is in no way liable. This is against consumer interest and unwarranted, as held by various consumer fora.

Case Study 1:

Atul Malhotra ordered a Lava mobile phone offered at a 94% discount on Flipkart, for an amount of Rs 400. Flipkart cancelled the order two days later, claiming inability to cope with the demand, and refunded the Rs 400. Since Atul wanted the phone, not the refund, he complained to the Chandigarh District Forum. Flipkart claimed that it was not liable and that the complaint should be dismissed, as the actual seller had not been joined as a party to the dispute.

The forum observed that Flipkart had made the offer. The entire email correspondence was with Flipkart, including the cancellation. Hence, it would be liable for deficient service. Flipkart was ordered to pay Rs 3,000 as compensation and Rs 2,500 towards costs.

Case Study 2:

Shivanand Narain had purchased a Stealth mobile phone online for Rs 20,390, which turned out to be defective. He returned it and sought a replacement, as the website promised. Since his grievance was not redressed, he filed a complaint. The forum ordered the portal to refund Rs 20,390, the price of the mobile and also awarded Rs 15,000 as compensation.

The portal challenged the order in an appeal to the Chandigarh state commission, contending it was only a "facilitator". Rejecting this argument, the commission observed that the portal solicits business. Customers make payments to the portal. Correspondence with the portal is through the given email address. Thus, it actively participates in the transactions. The state commission dismissed the portal's appeal.

Case Study 3:

Urmil Munjal had made an online purchase through rediff.com. As she was not satisfied with the product supplied, she filed a complaint against the portal before the Gurgaon district forum, which allowed the complaint. The portal's appeal was dismissed. It filed a revision before the national commission, contending that it was only a facilitator.

Rejecting this argument, the national commission observed that the portal had admitted it acts as an intermediary, collecting payment. So its services could not be considered gratuitous merely because no separate charge was collected from the consumer. Inviting buyers and sellers to trade online made the portal amenable to the Consumer Protection Act. The commission concluded that the e-commerce portal would be liable to the consumer.

Conclusion:

E-commerce platforms are liable for the products advertised and business solicited through their websites.

Monday, June 22, 2015

Hacking a computer without an Internet connection

The most secure computers in the world can't “Google” a thing—they are disconnected from the Internet and all other networks. The U.S. military and the National Security Agency rely on this attack-prevention measure, known as air-gapping, as does The Intercept, the media outlet co-founded by Glenn Greenwald, who was instrumental in disclosing the NSA's extensive domestic surveillance program. But where there's a will, there's a way: a team of doctoral students at Ben-Gurion University of the Negev in Israel announced it can obtain information from an air-gapped computer by reading messages encoded in the heat given off, like smoke signals, by its processors.
All computers have built-in thermal sensors, which detect the heat produced by processors and trigger the rotation of fans to avoid damage to components. To achieve the hack in an office setting, snoopers would infect two adjacent desktop PCs—one air-gapped, the other connected to the Internet—with malware that can take control of the machines and enable them to decode messages hidden in the sensor data. A virus carrying the malware could infect the Internet-connected machine fairly easily, whereas a USB drive or other hardware approach would be required with the air-gapped machine—a feat that could prove difficult at high-security locations.
In a scenario in which a hacker sought a password stored on the air-gapped computer, the malware could instruct the computer's central processor to perform work in a pattern of activity that reveals those characters. Each spate of activity would produce a puff of warm air that would travel to the connected computer, where its thermal sensors would log that single bit of information. Over time, voilà, a set of bits representing the password. The connected computer could then send that information to the interested party. The computer scientists call their hack BitWhisper.
If it sounds awfully slow, it is. The compromised computers can transmit only a maximum of eight bits per hour and can be located no more than 16 inches apart. But that rate is enough to get what you need, says Yisroel Mirsky, one of the co-authors of the research, which will be presented at the IEEE Computer Security Foundations Symposium in Verona, Italy, this month. “You need only about five bits,” he says, for a simple message, such as a command from the connected computer to the disconnected one, to initiate a data-destroying algorithm.
BitWhisper might seem too elaborate—after all, if one can get malware onto a computer via USB, why bother with the heat channel? Mirsky notes that this setup allows a hacker to control an air-gapped computer without physically sitting at it. Also, a computer heating up is unremarkable, so the hack could escape notice, says Anil Madhavapeddy, who studies unconventional ways to transmit information at the University of Cambridge and was not involved in the study. “In general, as computers get faster and the data contained in them more valuable,” he explains, “even the very slow covert channels are useful for attackers because they can just sit back and let them run for hours or even days to leak important information while staying under the radar.”
Of course, stopping such an attack is simple: keep air-gapped computers far away from any computers on a network or insert a sheet of insulation between machines. Given all the conditions BitWhisper would need to work in the real world, it might just be easier to find a whistle-blower.
This article was originally published with the title "Hacking Heats Up." 
By Jesse Emspak

Wednesday, April 8, 2015

Rs. 27,000 crore lost in banking frauds, including cyber frauds, in the last five years

Cheating and forgery have led to public and private sector banks losing as much as Rs.27,000 crore cumulatively in the last five years, according to information obtained by the dna newspaper under the Right to Information (RTI) Act.
And even this is just a conservative estimate, with the actual losses being several thousand crores more. More than 11,500 cases of cheating and forgery involving amounts of Rs.1 lakh and above were reported by banks to the RBI.
SBI, the worst hit, reported 1,124 cases with losses of Rs.3,494 crore. Of the Rs.27,000 crore in losses, public sector banks accounted for Rs.24,000 crore and the remaining Rs.3,000 crore was reported by private sector banks. While SBI headed the list, ICICI Bank leads the list of private sector banks with losses of Rs.1,089 crore in 1,776 cases - the highest amongst all banks.
I only won Court Orders worth 3.5 crores for online banking and credit card frauds to be returned to my clients only in Mumbai city, and only handle another 6-7 crore matters which are pending. Huh, such a huge loss to Indian citizens. RBI & Central Government, do something.




Sunday, March 22, 2015

Prashant Mali meeting Dalai Lama - An Experience with His Holiness


My meeting with His Holiness Dalai Lama 
My Himachal trip was scheduled from 14th to 20th March 2015, and as the days came nearer, without any confirmation of an appointment from His Holiness the Dalai Lama, I started telling my friends and fellow beings that I was going to meet the Dalai Lama. My intuition then sensed that I would meet him on the 18th, which made me tell everybody the date as well. I was visiting my neighbor and singer friends Baba Honey & Rishika Kaushal, and this trip was also decided extempore in the busy month of March. In preparation I called one of my highly placed good friends in the IPS and he said that he would try, and as my faith goes I relied on the same, but this friend of mine got caught up in some important conference and he couldn't confirm my appointment till the 17th. Even though I was keeping patience, I never called him, as I knew that if I was scheduled to meet His Holiness, I would definitely meet him and the Almighty would help me. On the afternoon of the 17th we set out to meet a saint called Mouni Baba Neelkanth Maharaj, who had an ashram on the shores of the river Vyas overlooking the fort of Hamir. On the road to the ashram I made a call to another highly placed friend in a central organisation, who directed me to an honest IPS officer possessing high integrity and direct previous connections with His Holiness's office, who in turn directed his previous colleague to help with my appointment but was skeptical, as I wanted to meet on the 18th and was asking this on the afternoon of the 17th. His colleague in Dharamsala immediately arranged the appointment, asked me to leave Hamirpur in the evening itself and booked me two paid rooms in Hotel Pride Surya in McLeod Ganj. My appointment was scheduled for 9:30 AM on the 18th, as His Holiness was to leave at 12:00 PM. The moment my meeting was confirmed, my mind was filled with tranquility and bliss of epic nature. I woke up at 6:30 AM and got ready wearing only a saffron kurta and white pajama to suit the occasion, and decided to bear the cold weather in the happiness of seeing the Dalai Lama.
I was accompanied by Baba Honey, Rishika Kaushal and Kavishwa Kaushal, their mother, who were equally delighted, as they were from Himachal and were meeting this great personality for the first time, like me. A few Tibetans and sick people were present to meet His Holiness when we reached his office, and the Dalai Lama was busy talking to other lamas and officers, as I was told, so we all braved the cold of McLeod Ganj in anticipation of a once-in-a-lifetime chance. Then came the chance to meet the most humble person I have ever met.
Prominent cheekbones meet the fine network of creases at his shining, penetrating eyes, as he listens and nods and smiles encouragingly. His unusually glowing skin accentuates a single, inquisitive, v-shaped line that runs the length of his high forehead. Regardless of the topic, brief words of practical advice and grounded viewpoint are woven into a conversation that begins and ends with your own initiative. His Holiness the Dalai Lama, believed to be an incarnation of the Buddha of Compassion, is not interested in gaining converts or becoming embroiled in passionate debate. He is simply there for you, to become engaged in a warm, personal exchange.
You notice, fleetingly, that the Dalai Lama's hands are exquisite. His long, slender fingers close gently around each other as he earnestly listens to you. Suddenly his hands open wide, then pull together in a hollow clap as he breaks forth into laughter. It is true that His Holiness does love to laugh. Whether in rippling giggles or a clear open gale, his sense of joy pervades his entire being. While he may roar briefly in response to something you have said, never do you feel ridiculed, for this great monk is laughing beyond irony or personal psychology. And his outburst is generally accompanied by a reassuring comment which clarifies the profound depth of his humor. He even asked my friend Baba Honey about his glares and complimented him. 
I gifted the book authored by me, "Cyber Law & Cyber Crimes Simplified", to His Holiness, and his secretary introduced me to him as a Cyber Law & Cyber Security Expert Lawyer from Mumbai, India, who was referred by Delhi, to which he greeted me with a handshake, and his soft hands were mesmerizing. All the snaps clicked later had my book held prominently by His Holiness, a moment to be revered. No personal cameras or mobile phones were allowed, so no selfie was possible, but His Holiness instructed that individual photographs be taken with him, and the photographer and his camera were awesome; he took photographs which further imprinted the meeting with His Holiness in my mind forever.

Saturday, March 21, 2015

India Cyber Security Summit 2015 - MY Speech

I was speaking at "India Cyber Security Summit 2015" at Hotel JW Marriott, Mumbai, before more than 240 august delegates.
I strongly feel India can become a "Cyber Security Super Power" if:
1. Capacity assimilating is done now, because capacity already exists.
2. Existing cyber security companies are nourished as national pride and new ones are incubated.
3. India is marketed as a "Cyber Security Products or Product development destination".
4. World media is managed efficiently by highlighting the achievements India has in #cybersecurity.
5. We agree on relabeling these Ethical Hacker courses as Cyber Security Programs and officially recognize certain recognized hackers as #cyber security professionals, instead of keeping them in the dark world of hacking.
6. "Cyber Security & Cyber Law" topics are made compulsory in all college courses, as everyone uses computers. I personally think "Cyber Security has become the way of Life" and not a specialty, which every IT user has to learn and take care of.
7. We all stop India bashing and B Positive; here I wanna invoke Swami Vivekananda by asking "What we have Done for Our Country".
8. Cyber Armageddon may not be a reality, but cyber espionage is happening in the corporate world; they have private cyber armies for doing this to competitors, and sometimes they hire "paid hackers" from countries like Russia.
9. When it comes to cyber security, executives wanna rely on a "Security Solutions Product", and I feel a product can never give you peaceful sleep, as the vulnerability horizon is ever expanding and hackers test their own hacking tools on these security solution products first. The best way is to build a cyber security culture and awareness amongst IT staff and IT users, which now means amongst every single staff member of the organisation and their family; that's the only solution to be cyber safe.
10. India needs a cyber command in its individual format. Like the Home Guards we have in India, we can have "Cyber Home Guards" who will serve the country when needed and are free to live their life when not needed, but are constantly sharpening their cyber skills and building their own network across the world virtually.
11. Having "Cyber Cadets" in our NDA - National Defence Academy and integrating all defence and statutory CERTs is what I have been advising for the last 6 years.

Adv. Prashant Mali
Cyber Law & Cyber Security Expert, Author and International Speaker

Tuesday, March 10, 2015

WhatsApp How to Use it Carefully in Marathi Language

Using WhatsApp!!


Many new groups keep forming on WhatsApp. In many groups the same people are common everywhere, so one has to read the same content again and again. Most people, however, seem confused about how exactly WhatsApp should be used. We have installed WhatsApp simply because everyone else has put it on their mobile. Once our number reaches people, messages start pouring in, and we ourselves do not realise when we get entangled in that maze. There is only one reason for this. You do not get into a vehicle, or start it, unless the destination is fixed. If it is not decided where to go, the vehicle keeps going round and round, burning petrol, without any objective... Those who cannot think of anything adopt the nearest option: good morning and good night. In between, for want of anything to do, they copy-paste, share and forward content received from others. Say good morning and good night individually, but absolutely not in a group. Nobody keeps in mind how much annoyance this causes others. Many good people get fed up with this and prefer to leave the group. Moreover, it is the very people who send such trivial messages who become the "customers" of rumour-mongers.

There is no shortage of perverse people in the world. These people are possessed by a single aim: never do anything good in life, and keep propagating the bad as far as possible. Nowadays the cultured and the perverse have become so mixed up that nobody feels the need to verify what is spreading or being spread. In the present rush to earn money, nobody has that much time either.

There is money, so there is a smartphone in hand. But that does not guarantee that the person is smart. Just look: when even people who call themselves intellectuals blindly propagate falsehoods on WhatsApp, one really feels pity for their smartness.

"Life is short", a poem that is not by Suresh Bhat, is freely passed off under his name.

Warning alerts are freely posted with some police officer's name attached. Make it a habit to call the number given in any post that reaches you. Forward it only if the post is true. If the post is false, create and post a new post that makes this clear.

Mars is a planet, not a star, and radiation cannot come from it; despite knowing this, fear is spread that cosmic rays from it will have harmful effects on Earth. For any such post that arrives, search the Internet using the words in it and you will learn the truth. On www.hoax.com you get information about false posts circulating around the world, along with the real explanation. We then realise one thing: what we are sharing today with great admiration was proven false elsewhere in the world eight to ten years ago.

A rumour is raised that India's national anthem has been given the status of the best national anthem in the world. In fact it is possible to go to UNESCO's website right away and cross-check, but we do not notice that, out of our fake patriotism, we unknowingly insult our own national anthem. So do check indian hoex regularly.

A hue and cry is raised that hoisting the tricolour is prohibited in Jammu and Kashmir. But if we go to the Jammu and Kashmir government's website, the picture looks different. Many posts that spread discord between castes and religions circulate rapidly on WhatsApp. Delete such posts immediately, whether they are true or false. As for videos of boys, girls or anyone else being beaten, and videos that defame anyone personally, especially women: if you have the courage, inform the police; otherwise delete them.

It is claimed that the central government amended a section of the law on atrocities against women to permit women to kill the attacker during an assault; that section is actually about making counterfeit coins. But we blindly send that utterly false text to a hundred more people. Give up this habit today.

Sometimes false propaganda is spread that the blood of an AIDS-infected person has been mixed into soft drinks. The lie is spread that salt water works as a treatment for Ebola. A treatment using gratings of hard lemons is falsely passed off under the name of social reformers such as Dr. Prakash Amte. Suspicion is created about the patriotism of the country's Vice President, and he is defamed in foul language. The country's Prime Minister and many political leaders are ridiculed with low-grade jokes. This is a perversion. Do not make it a habit.

The naive question may come to mind: what do these people gain by spreading such lies? But the answer lies in that very naivety. Seeing how carelessly people in this country keep pushing their lies onward, the perverse people behind them, wherever they are in the world, must be holding their bellies laughing at our foolishness or our excessive cleverness!!!

Those perverse people must also be getting a demonic pleasure, because they are aware that we are growing number by the day. One day, through our own irresponsibility, we ourselves will become the cause of setting our own homes on fire.
A post we forwarded through oversight may one day cause riots. It will not only become a reason for legal action against us but may also become the cause of the destruction of our own loved ones.

Our eyes will open. But by then it will be too late.

So wake up in time.

Do not share or forward any post unless you yourself, and only you yourself, are fully sure of it.

Do not post any poem, article or thought without including the name of the person it belongs to.

Avoid posting or sharing sensitive topics.

Do not post text, photos, pictures, cartoons or jokes that recklessly defame any person, community or religion.

Avoid jokes and posts that demean women.

Take deliberate care when posting about accidents, murders and rapes. See to it that the name of the victim woman is not disclosed under any circumstances.

Do not post bloody photos or photos that inflame feelings.

Even when talking among yourselves in a group, remember that all members of the group read what you write. Take care that it does not lose sight of the group.

Do not hastily disclose information that would endanger the country's security.

Be aware that this is social networking, not a garbage depot. Use social networking positively.

Merely having a smartphone in hand is of no use. Become "smart" in the true sense.

Wednesday, March 4, 2015

India lost around 500 Crores in last 4 years in cyber frauds

As many as 37,721  cyber fraud cases involving Rs 497 crore have been reported by the RBI and CBI in the last four years.

Several cyber attack techniques are used in committing frauds, and the losses are normally reported under categories such as ATM/debit cards and credit cards.

"As per information provided by the RBI , 10,048, 8,765, 9,500 and 9,362 cyber fraud cases and losses of Rs 38 crore, Rs 67 crore, Rs 78 crore and Rs 60 crore have been reported to the RBI during 2011-12, 2012-13, 2013-14 and April-December 2014, respectively," 

"CBI has also registered 46 cases (14 PEs (Preliminary Enquiry) and 32 RCs (Regular Case)) relating to cyber crime in various parts of the country during the last 3 years that is 2012, 2013, 2014 and 2015 (till date)." 

In these cases 34 persons have been arrested, he said. "An amount of Rs 90 crore, Rs 158 crore and Rs 6 crore was involved in these cases registered during the year 2012, 2013 and 2014, respectively," 

Incidents of malware infections in Indian cyberspace are reported to and tracked by the Indian Computer Emergency Response Team (CERT-In), which works with the Internet Service Providers (ISPs) to identify the infected systems and organisations.
"CERT-In, Department of Electronics and IT has initiated action with active participation of service providers and industry to set up a centre for detection of computer systems infected by malware and to notify, enable cleaning and securing systems of end users to prevent further malware infections,"

As reported to parliament by IT Minister of India

FIR : All you want to know about in a criminal case

FIR - What is?  The first information report is a report giving information of the commission of a cognizable crime,  which may be made by t...