Advocate (Dr.) Prashant Mali's Blog

Net neutrality what it is? Net neutrality is an idea which stipulates that internet service providers (ISPs) only enable general web connectivity and cannot selectively connect to one website and not the other. Whether you are reading the news or browsing photographs on the web, you get the same internet speed. All ISPs open all (legal) websites whether they like it or not. They do not slow down access to Facebook or speed up access to YouTube. They do not charge extra money from Twitter or Flickr for speeding up connection to these websites. In sum, ISPs are content-agnostic. They just provide the connection at a speed for which a user is paying. Also, unlike cable TV where you have to pay for channels, for the internet you just pay for the connection. Net neutrality has some obvious advantages. It is great from the perspective of freedom of speech. It is up to a user to access what he wants on the web. But a bigger advantage of net neutrality is that it creates a level-playing fiel

Facebook Wants to Listen to Your Phone Calls !! Cellphone users who attempt to install the Facebook Messenger app are asked to agree to terms of service that allow the social networking giant to use the microphone on their device to record aud io at any time without their permission. As the screenshot above illustrates , users are made to accept an agreement that allows Facebook to “record audio with the microphone….at any time without your confirmation.” The Terms Of Sservice also authorizes Facebook to take videos and pictures using the phone’s camera at any time without permission, as well as directly calling numbers, again without permission, that could incur charges. But wait, there’s more! Facebook can also “read your phone’s call log” and “read data about contacts stored on your phone, including the frequency with which you’ve called, emailed or communicated in other ways with specific individuals.” Although most apps on Android and Apple devices include similar terms to those

Online Banking & Credit Card Fraud Advisory !! After listening to plight of sufferers from various online and credit card banking related frauds and handling so many cases of fraud right from Rs. 15 thousand  to Rs. 52 Lakhs, i have humbly by experience come to following conclusion and Advisory 1. Every Net banking users should have two bank accounts 2. One in technology oriented banks like icici, hdfc,axis,yes,sbi etc with online banking option etc 3. One account in any other cooperative bank but balance up to Rs. 100000/- only na d if you want to have more balance at hand Rs. 1 lakh each in different trustworthy cooperative banks. Rest can be in fixed Deposits  [ This is said coz RBI only insures up to 1 lakh i.e if the bank goes kaput up to 1lakh RBI will pay you] 4. In the technology oriented bank maintain only amount needed for handling online transactions as Bill payment or ticketing e.t.c 5. When ever required, money can be transferred to online banking accou

What is Sensitive Personal Data or Information in India ?  [ DATA PROTECTION LAWS IN INDIA ] Sensitive Personal Data or Information though not directly defined in The Section 2 of The IT Act, 2000. But the definition which has force of law is  defined under  the  section 3  of   THE INFORMATION TECHNOLOGY (REASONABLE SECURITY PRACTICES AND PROCEDURES AND SENSITIVE PERSONAL DATA OR INFORMATION) RULES, 2011 made by Central Government  In exercise of the powers conferred by clause (ob) of sub­section (2) of section 87 read with section 43A of the Information Technology Act, 2000 (21 of 2000). Section 3 reads as  3.    Sensitive personal data or information. —  Sensitive personal data or information of a person means such  personal information  which consists of   information relating to;― (i)  password;      (ii) financial information such as Bank account or credit card or debit card or other payment instrument details ;        (iii) physical, physiological and mental

Google User Search Logs – Is it Personal Data or Information? Privacy concerns relate to personally information or personal data, that is, as defined in The IT Rules under The ITAct, 2000 i.e “Personal information” means any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person. I nformation which can be used to uniquely identify, contact, or locate a specific individual person. Federal privacy legislation protects personal data in a number of contexts, such as health information, financial data, or credit reports. Similarly, the European data protection framework applies to "personal data," defined as "any information relating to an identified or identifiable natural person ('data subject'); an identifiable person is one who can be identified, directly or indirectly, in particular by re

Google and Indian Privacy Laws (Part I) Search engines are the most important actors on the Internet today and Google is the undisputed king of search. Google dominates the Internet, guiding users to the information they seek through an ocean of unrelated data with astonishing precision and speed. It is a powerful tool, evoking ambivalent feelings. On the one hand, we adore Google for its simple, modest-looking interface masking a hyper-complicated algorithm, which is the very essence of online ingenuity. We admire it for providing superb services at no (evident) cost, a practical miracle in today's market economy. On the other hand, we grow wary of Google's increasing clout as the ultimate arbiter of commercial success ("to exist is to be indexed by a search engine") and as a central database for users' personal information, not only logging their search queries but also storing their e-mail (Gmail), calendars (Calendar), photos (Picasa), videos (Yo

Your Ultimate Bank Money Stealer is Here..  A new malware is discovered called “Dump Memory Grabber,” which has already been used to steal debit and credit card information from customers using major US banks including Chase, Citibank and Capital One, The malicious code is evidently being installed directly into point-of-sale (POS) hardware (meaning registers or kiosks) and ATMs, and transmitting the harvested information straight out of the magnetic stripes on credit and debit cards - which includes everything from account numbers, to first and last names and expiration dates. How are attackers infecting physical systems? It is your favourite USB drives are the likely culprits, as modern register systems often have accessible ports, as well as direct connections to the Web. The harvested information is then used to produce cloned cards, and they are likely succeeding with the help of individuals with direct access to the POS systems and ATMs - which could include employees.