Introduction Last week the Government of India finally operationalised the first privacy law by passing the subordinate rules, giving companies 18 months to comply. After a little over a decade of litigation and debate, privacy was recognised by the Supreme Court in 2017 as a fundamental right in a historic judgment passed by a 10-judge […]
In January 2024, Amazon France Logistique was fined €32 million by the French Data Protection Authority, CNIL for its employee data processing practices. The company’s employee monitoring practices¹ caught attention of the regulator for being excessive, non-transparent and violative of privacy rights of employees under the Eur0pean Union’s (EU) General Data Protection Regulation (GDPR). The […]
This article explores the hypothesis that the UCO Bank fraud case, where ₹ 820 Crore was (temporarily) stolen from the bank through glitches in IMPS transactions is a coordinated retail cyber-attack which created money from thin air similar to printing fake currency notes. Background Modern banking is both fractional and digital. Fractional refers to the […]
Access the full article here. “The Italians having a Proverb, ‘He that deceives me once, it’s his fault; but if twice, it’s my fault.’” – Anthony Weldon (1651), The Court and Character of King James 1. What happened? On 15 November 2023, UCO Bank reported[1] to the National Stock Exchange (NSE) that during the […]
Find the full report here. Overview 2023 was an eventful year in India’s tech policy landscape and for us at DeepStrat. We expanded our policy risks vertical, engaged in several public consultations, undertook new projects, published several studies, built collaborations, and designed solutions. This is a recap of how the landscape evolved and the key […]
Shielding Young Minds: DPDP’s Safeguards for Children’s Data Privacy After considerable deliberations, the Digital Personal Data Protection (DPDP) Act is finally operational and brings a host of fiduciary obligations for any entity, private or public, that is handling personal data. The Act also emphasises a special category for children, which mandates additional obligations under Section […]
The full report can be accessed here. Nearly 23 years after India passed the Information Technology (IT) Act 2000, we are again looking at passing an ambitious Digital India Act. Much has changed in the intervening years since the last Act and technology as well as services have undergone a paradigm shift. In 2000, the […]
A PDF version of the report is available here. Executive Summary The era of digitisation may have begun, when the Personal computer became available as a mass market device in the year 1970, when the Altair 8800 was introduced, but it accelerated at great speed in the 2000s, when internet companies figured out how to create […]
The landmark Digital Personal Data Protection (DPDP) Bill, 2023 is finally here, and it comes with some significant changes from the last draft that was put out for consultation last year. DeepStrat had submitted its comments to the draft in January, 2023 and several suggestions have been incorporated. There are several major changes that have […]
Executive Summary At the outset, please accept my gratitude for giving me an opportunity to address a very important issue. I believe this issue and what is decided today will have a major bearing on the health and the future of our democracy. I would also like to place on record my appreciation for […]
Tackling Retail Financial Cyber Crimes in India is an ethnographic study on problems faced by law enforcement agencies (LEAs) in investigation and prosecution of financial cyber crimes in India. The study draws on complaints filed with Haryana’s unique cyber crimes police station to understand the impact of online frauds on retail digital payments. It is […]
Professor Alan Westin, American professor of law, recognised as the father of modern data privacy law, laid down the basic principles of privacy law decades ago in his books, ‘Privacy and Freedom’ and ‘Databanks in a Free Society’. Westin defined privacy as the “claim of individuals, groups or institutions to determine for themselves when, how […]
EXECUTIVE SUMMARY Encryption in today’s increasingly interconnected world is perhaps the only technology that provides us a sense of safety online. It is the most important enabler of free speech and indirectly thus, allows for the internet enabled communication to provide the same privacy we expect within the confines of what a physical conversation with […]
This study by The DialogueTM and DeepStrat analyses the national security implications of weakening encryption technology. It is based on qualitative inputs from veterans in the law enforcement, intelligence agencies, the military and India’s tech community. The report is also a deep study of global legal and technical standards. It highlights the challenges investigators face […]
The alleged auction of Muslim women online, a repeat of a similar act in the middle of 2021, has brought to light a plethora of online and offline issues once again. In the middle of 2021, news about a digital application called SulliDeals had images of Muslim women being shared as “auctions”. The case was […]
Intelligence agencies, around the world, collect enormous amounts of data on individuals on grounds of national security. They also plead for laws to access the content of encrypted messages between individuals on social media — a demand social media companies are uncomfortable with. We believe there is a strong case for analysing metadata better, which […]
Information is power. A range of organisations — from private military firms such as NSO to various instruments of the State — collect information to empower governments. The quest for unbridled power and critical information often leads to using unprincipled and unlawful means. Snooping is a grim reality since the days of Chanakya, or indeed, […]
DeepStrat is a New Delhi-based Strategic Consultancy and Think Tank. It was founded with the vision to combine rich experience in government with the best talent available in the private sector to produce sustainable solutions. At DeepStrat we focus on a broad spectrum of issues – Risk Assessment & Mitigation, Cybersecurity, Technology, Sustainability, Governance, Capacity Building, Foreign Policy, Defence and Public Policy. The DeepStrat network can help your firm navigate Asia’s public policy space, engage decision makers, assess risks, audit security and communication strategies. Write to us at [email protected].