Website related agreements are generally known as Terms of Use (TOU) or Terms of Service (TOS). They are prepared on the basis of the laws of the land where they got registered and/or countries they provide services. They create a framework by which rights and duties of the parties are identified. In addition, the TOS may reduce the risk of the Website owners. As per the Information Technology (Intermediaries guidelines) Rules 2011, all websites must publish Terms and Conditions in accordance with the rules contained therein. We are able to draft policies by taking into consideration the nature of the website, area of operation, whether they are passive or highly interactive, and thereby try to reduce the risks for the owners contractually
The revolutionization of the Internet-based technology has given rise to a plethora of opportunities for the users around the world. While the real-time interactions and transactions over the internet made our life easy and flexible, in the darker side we experience an unregulated rampage of criminals, fraudsters and thieves. In the muddy waters of the internet how can the genuine surfers protect their intellectual assets within the framework of the existing laws? It is pertinent to note that the existing statutes and rules applicable to goods and services are equally applicable to those of their counterparts in the internet.
The Intellectual Property refers to creations of human intellect such as Literary & Artistic works. Literary Works such as novels, poems, plays, computer programs, computer layouts design, databases, various works on the web, multimedia works, reference works, movies, musical compositions, choreography etc. and Artistic Works such as paintings, drawings, photographs engravings, architecture, advertisements, prints, cartoons, plans, maps logos etc. are easily copied and shared without its real owner’s consent or permission. Some of the laws that protect the Intellectual Property Rights (IPR) currently available are:
As IPR lawyers, it’s essential for us to identify the violation and take appropriate measures to get justice to the real owners of the copyright. Civil, Criminal and other remedies are available for the Protection of Intellectual Property. The remedies available are:
Startups are innovative business projects being undertaken by entrepreneurs to seek, develop, and validate a scalable economic models. Start ups are new structured and futuristic businesses which make use of all existing technological advancements that are intended to grow large beyond their founders. According to the Ministry of Commerce and Industry, Government of India, a Start-up is a ‘temporary organisation that is searching for a repeatable and scalable business model’ Before venturing into a Start-up business project, it’s essential to pass through several legal requirements:
Successful businesses are built on trust. Trust in products and services, trust in and among your employees, and trust by customers in your brand. Cyber-attacks take advantage of this trust to access and disrupt your business. To protect the trust in your organization, you need a security partner that can help you respond, identify, and prepare for ongoing cybersecurity threats.
We are here for your help. Our industry standard certified professionals (Offensive security certified professionals) will help you to assess your Applications (Web / Mobile / Thick client)& Infrastructures (Internal & External) to find the threats and will provide a detailed assessment report along with an executive summary and proper artefacts. We will ensure your systems are secure with threat detection, penetration testing, vulnerability and red team assessment services.
A full test on the nominated website based on OWASP most common vulnerabilities. A web application test employs different testing techniques to find “security bugs” in server/client applications of the organization from the Internet. The outcome of this web application testing is to provide assurance that the organization’s web presence is protected from penetration and compromise from intruders.
Penetration testing of mobile phones (Android, iPhone), tablets and laptops. Testing will consist of attempted access to a mobile device without authentication devices or provided passwords. A second phase of testing will also be undertaken with full authentication provided allowing the tester’s access to the device as an employee would have.
Testing internal& External systems will determine the level of threat to an organisation that a malicious attacker, an employee or contractor, who has gained access to systems, may pose to the systems and data. We will examine the security of all server’s OS, applications, wireless security, segregation of restricted data, VLAN and firewall rulesets and physical security. Testing will be partial ‘white box’, where relevant information is given. Testing is designed to cause no interference to normal network operation.
Environment and people vulnerabilities can be a larger threat than network and IT vulnerabilities. Social engineering is the Art/Science of manipulating someone in order to bypass security measures and tools. We also provide phishing campaigns to your employees along with awareness sessions This test will identify any vulnerabilities in an organization’s staff and physical access to the organization’s’ building.
A wireless penetration test will examine security of all nominated wireless points and check for data leakage and security level. This will test the reliability of the organization’s wireless network and prevent an attack.
Our experienced security engineers will test your thick client application whether it is hosted internally or in a virtualized environment. Our approach to thick client security assessments includes reviewing server-side controls, data communication paths, and potential client-related issues.
Cybersquatting is the unauthorized registration and use of internet domain names with bad faith intent to profit from the goodwill of trademark belonging to someone else. On most of the occasions, the cybersquatter’s intention is to sell the domain name to the lawful owner of the name at a premium. As per the IN Registry, which has been created by the National Internet eXchange of India (NIXI), a Domain Name Dispute arises when a person considers that his/her registered domain is:
There are cost effective and timely mechanisms to resolve internet domain name disputes, without the need for court litigation. This includes the Arbitration under the World Intellectual Property Organization (WIPO)-initiated Uniform Domain Name Dispute Resolution Policy (UDRP) for any generic top level domain disputes (gTLDs), and the .IN Domain Name Dispute Resolution Policy (INDRP) if the domain name is registered and used in the .IN country code top-level domain name (ccTLD). A dispute concerning the domain name is dealt with a number of ways such as (a) sending cease and desist letters to the cybersquatter (b) opting for arbitration under UDRP or INDRP (c) Approaching the Court under the Trademark Act for infringement or for passing off.
WA software license is an agreement made by one party (the end-user) that gives the right to use a software computer program developed/owned by another party (software developer/manufacturer/vendor). The developer/manufacturer/vendor gives certain rights to use the program, on payment of an annual fee to use the software. The license includes terms such as the duration of the license, permitted users and sites, permissible location of the software, purpose for which the software can be used, and number of users allowed to use the software. Software is of two types, free or open source and Proprietary. In Open-source software, the source code is available for anybody to access or modify, while in Proprietary Software, though the right to use by the end user is granted, the ownership remains with the developer/manufacturer. The rights of the software proprietor and the users are governed by End User Licensing Agreement or EULA.
E-commerce or Electronic Commerce is the buying and selling of goods and services and the payment for the same electronically over the internet. Currently, this business has achieved flourishing development in such a way that almost everything from anywhere in the world - daily-fresh, medicines, cooked food, garments, households, mobiles, laptops etc. etc.- can be purchased through E-Commerce at competitive prices. All E-commerce transactions that takes place between consumer and businesses, can be summarized into four main e-commerce models such as: (a) Business to Consumer-B2C-Business directly with consumer (b) Business to Business-B2B-commerce between two businesses (c) Consumer to Consumer-C2C-Commerce between two individuals (d) Consumer to Business-C2B-Consumer sells produces to Business
Intermediaries such as Platform Owners, Social Media Networks, E-Commerce Websites, Hosting Providers, Telecom Service Providers, Domain Name Registrars, Network Service Providers, Webhosting Service Providers, Search Engines, Online Payment Sites, Internet Service Providers, Cybercafes & other Intermediaries who host websites etc. are dutybound to publish policies in accordance with the provisions contained in the Information Technology Act 2000, the Information Technology (Intermediaries guidelines) Rules 2011 & the Copyright Act 1957 and such other acts, rules, regulations etc. They are liable to remove any prohibited content or disable access at a website at their control on getting notified by the affected person, law enforcement agency or by court order.
Personal Data of individuals is one of the priceless commodities available in the market at present. The richest corporates in the world such as Amazon, Facebook, Google etc. have nothing but data only in their hands. From the analysis of data of people only the modern corporates are able to make intelligent decisions to predict, control and change consumer behaviour for further development of business interests. The manner in which the collection, control and process of data have given rise to the emergence of a variety of legal, policy and regulatory issues. The General Data Protection Regulation (GDPR) of the European Union, the various Federal and State level Privacy Laws of the United States, the Information Technology Act, 2000 and its corresponding Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011, the Personal Data Protection Bill (2019) of India etc. are some of the legislations aimed to control the collection and handling of data – consent, notice and regulatory obligations. Of all the Data Privacy Laws, the GDPR is the toughest and most comprehensive laws having worldwide ramifications, the non-compliance of which attracts heavy penalties. Small, medium and big companies in India, doing business with any one of the EU countries will be impacted by the GDPR.
Online or Internet Banking Fraud is a theft committed using internet based technology to unlawfully remove money from a bank account and transfer to an account in a different bank. It’s a form of identity theft made possible through techniques such as phishing, vishing, money mule etc. Banking frauds are on the rise despite the advances in technological improvement in the security of the banks. Fraudsters find newer methods to overcome the security barriers to infiltrate the banking system. A study indicates that majority of the frauds in the financial sector is attributed to banks. Lack of training, overburdened staff, competition, low compliance to the practices framed by the Reserve Bank of India to prevent frauds etc. are some of the reasons for the increase in Banking frauds.
The massive growth in the incidence of cybercrimes can be attributed to the proportionate increase in the number of internet users from their computers, mobile phones PDAs, digital gadgets and other Internet of Things (IoT), which are creating dangers in areas of Privacy and Security. The law enforcement authorities are scarcely equipped with resources to manage and contain cybercrimes effectively due to lack of training in the field of digital investigations. A complainant may be turned away by the police for lacking enough material evidence to register an FIR. However, if a complaint is submitted to the police with all relevant information like the IP address of the computer device from where the cybercriminal had executed the crime and the location with the help of a Cyber Investigator, it would be easy for the police to register the FIR and make further investigations. A Cybercrime investigator could drill down the details of the cybercrime by going deeper so that the criminal who’s hiding inside the Cyberspace is identified. This will help the police in identifying the magnitude of the issue and proceed further to register the case, conduct deeper investigation, present before the court and so forth.
The important Indian legislation that directly deals with Cyber Offences is the Information Technology Act 2000. However, the Indian Penal Code (IPC), and the Indian Copy Right Act of 1957 also address offences such as copyright & trademark infringements, a wide range of cybercrimes including identify theft, credit card fraud, computer hacking, cyberbullying, extortion, distribution child pornography, and cyber-terrorism. The following are the offences that are mentioned in the Information Technology Act 2000.