Catergory

cybersecurity

2022

Delhi HC permits SnTHostings to respond to the CERT-In’s defence of the 2022 Directions

CERT-In has replied to SnTHostings' petition challenging the 2022 Directions, which require service providers to monitor the activities of their customers. Delhi HC has permitted SnTHostings to respond to the reply.
10 December, 2022
3 min read
Krishnesh BapatKrishnesh Bapat
vpn

Delhi HC issues notice in SnTHosting’s challenge to legality of CERT-In’s Directions

Tl;dr The Delhi HC has issued notice in a petition filed by SnTHostings challenging the legality of Direction No. 20(3)/2022-CERT-In dated April 28, 2022 (‘2022 Directions’) by the The Indian Computer Emergency Response Team (‘CERT-In’). SnTHostings provides hosting, Virtual Private Network (‘VPN’) and Virtual Private Server (‘VPS’) services. The 2022 Directions presented an existential crisis to SnTHostings as they mandated it to collect a range of personal data and share it with CERT-In on de
28 September, 2022
4 min read
Krishnesh BapatKrishnesh Bapat, Anandita MishraAnandita Mishra & Tanmay SinghTanmay Singh
CERT-In

Delaying the inevitable: Implementation of CERT-In’s Cybersecurity Directions gets a piecemeal extension

CERT-In has extended the timeline for partial enforcement of Cyber Security Directions dated April 28, 2022. The timeline for enforcement of the directions by MSMEs and enforcement of Direction 5 (a) and (f) by entities mentioned in Direction 5 is September 25, 2022.
28 June, 2022
4 min read
Tejasi PanjiarTejasi Panjiar & Prateek WaghrePrateek Waghre
cybersecurity

CERT-In Directions on Cybersecurity: An Explainer

On April 28, 2022, CERT-In issued directions aimed at strengthening India's cybersecurity. Issued without public consultations, these directions raise concerns related to state sponsored surveillance and data retention beyond need or purpose. We thus call on CERT-In to recall these directions.
05 May, 2022
8 min read
Tejasi PanjiarTejasi Panjiar, Anushka JainAnushka Jain & Prateek WaghrePrateek Waghre
Breaches

Explainer: Bharat Financial Inclusion Limited Loan 'glitch'

Bharat Financial Inclusion Limited recently admitted to disbursing 84,000 loans without customer consent owing to a ‘technical glitch’. Though the bank took some steps upon the receipt of the complaints, there is little regulatory oversight and acknowledgement of these instances in general.
16 March, 2022
7 min read
Tejasi PanjiarTejasi Panjiar & Rohin GargRohin Garg
Bullibai

IFF writes to the Parliamentary Standing Committee on IT on the “Bulli Bai” and “Sulli Deals” Incidents

The Mumbai and Delhi Police have arrested the perpetrators of the fake online auction of Muslim women. But what took so long? We wrote to the Standing Committee with a few recommendations
17 January, 2022
8 min read
Shivangani MisraShivangani Misra & Anushka JainAnushka Jain
Privacy

Amina writes to the National Commission for Women and the Telangana State Women’s Commission against targeted harassment of Muslim Women

After much furore around the Bulli Bai incident, some arrests have been made and the investigation is still pending. One of the victims of this incident wrote to the National Commission of Women and the Telangana State Women Commission seeking their intervention in ensuring fair investigation.
11 January, 2022
5 min read
Anandita MishraAnandita Mishra
CERT-In

Over to you MeitY: IFF's representation on CERT-In's Responsible Vulnerability Disclosure and Coordination Policy

CERT-In responded to our representation on the Responsible Vulnerability Disclosure and Coordination Policy and clarified that the Policy is following the existing provisions of the law. Therefore, now we ask MeitY to amend the law to provide a safe harbour for security researchers.
10 December, 2021
4 min read
Gyan TripathiGyan Tripathi & Rohin GargRohin Garg
cybersecurity
Featured

Don’t penalise cybersecurity researchers!

We wrote to CERT-IN regarding their new Responsible Vulnerability Disclosure and Coordination Policy that penalises cybersecurity researchers for vulnerability disclosures. Such a policy would make researchers reluctant about reporting vulnerabilities and so a robust disclosure mechanism is needed.
13 October, 2021
4 min read
Rohin GargRohin Garg
cybersec charcha
Featured

#4 Cybersec Charcha: A Global overview of the state of surveillance after the pegasus revelations

Your monthly round-up of all things cybersecurity! This edition of Cybersec Charcha focuses on spyware, the Pegasus Project reports and the booming surveillance industry.
05 August, 2021
5 min read
Shivani SinghShivani Singh

Donate to IFF

Help IFF scale up by making a donation for digital rights. Really, when it comes to free speech online, digital privacy, net neutrality and innovation — we got your back!