Cybersecurity

Research

In January 2024, Amazon France Logistique was fined €32 million by the French Data Protection Authority, CNIL for its employee data processing practices. The company’s employee monitoring practices¹ caught attention of the regulator for being excessive, non-transparent and violative of privacy rights of employees under the Eur0pean Union’s (EU) General Data Protection Regulation (GDPR). The […]

Categories: Cybersecurity

This article explores the hypothesis that the UCO Bank fraud case, where ₹ 820 Crore was (temporarily) stolen from the bank through glitches in IMPS transactions is a coordinated retail cyber-attack which created money from thin air similar to printing fake currency notes. Background Modern banking is both fractional and digital. Fractional refers to the […]

Categories: Cybersecurity, Finanace

Access the full article here. “The Italians having a Proverb, ‘He that deceives me once, it’s his fault; but if twice, it’s my fault.’” – Anthony Weldon (1651), The Court and Character of King James   1. What happened? On 15 November 2023, UCO Bank reported[1] to the National Stock Exchange (NSE) that during the […]

Find the full report here. Overview 2023 was an eventful year in India’s tech policy landscape and for us at DeepStrat. We expanded our policy risks vertical, engaged in several public consultations, undertook new projects, published several studies, built collaborations, and designed solutions. This is a recap of how the landscape evolved and the key […]

Categories: Cybersecurity

Shielding Young Minds: DPDP’s Safeguards for Children’s Data Privacy After considerable deliberations, the Digital Personal Data Protection (DPDP) Act is finally operational and brings a host of fiduciary obligations for any entity, private or public, that is handling personal data. The Act also emphasises a special category for children, which mandates additional obligations under Section […]

Categories: Cybersecurity

The full report can be accessed here. Nearly 23 years after India passed the Information Technology (IT) Act 2000, we are again looking at passing an ambitious Digital India Act. Much has changed in the intervening years since the last Act and technology as well as services have undergone a paradigm shift. In 2000, the […]

A PDF version of the report is available here. Executive Summary The era of digitisation may have begun, when the Personal computer became available as a mass market device in the year 1970, when the Altair 8800 was introduced, but it accelerated at great speed in the 2000s, when internet companies figured out how to create […]

The landmark Digital Personal Data Protection (DPDP) Bill, 2023 is finally here, and it comes with some significant changes from the last draft that was put out for consultation last year. DeepStrat had submitted its comments to the draft in January, 2023 and several suggestions have been incorporated. There are several major changes that have […]

The Reserve Bank of India mandated the deletion of card-on-file data by merchants and PA/PGs. Industry bodies and civil-society organisations gave inputs seeking an extension of this deadline in December last year, including The Dialogue and Deepstrat which published a paper outlining the challenges associated with rushed compliance. The RBI, taking cognisance, gave a six-month […]

Categories: Cybersecurity, Security

Tackling Retail Financial Cyber Crimes in India is an ethnographic study on problems faced by law enforcement agencies (LEAs) in investigation and prosecution of financial cyber crimes in India. The study draws on complaints filed with Haryana’s unique cyber crimes police station to understand the impact of online frauds on retail digital payments. It is […]

Categories: Cybersecurity, Privacy

Professor Alan Westin, American professor of law, recognised as the father of modern data privacy law, laid down the basic principles of privacy law decades ago in his books, ‘Privacy and Freedom’ and ‘Databanks in a Free Society’. Westin defined privacy as the “claim of individuals, groups or institutions to determine for themselves when, how […]

Categories: Cybersecurity, Technology

EXECUTIVE SUMMARY Encryption in today’s increasingly interconnected world is perhaps the only technology that provides us a sense of safety online. It is the most important enabler of free speech and indirectly thus, allows for the internet enabled communication to provide the same privacy we expect within the confines of what a physical conversation with […]

Categories: Cybersecurity, Technology

This study by The DialogueTM and DeepStrat analyses the national security implications of weakening encryption technology. It is based on qualitative inputs from veterans in the law enforcement, intelligence agencies, the military and India’s tech community. The report is also a deep study of global legal and technical standards. It highlights the challenges investigators face […]

Categories: Cybersecurity, Technology

Through recent guidelines, the Reserve Bank of India mandated the deletion of card on file details by merchants and PA/PGs post 31.12.21. They also expanded the scope of application of the tokenisation framework to help counteract potential disruption. The Dialogue and DeepStrat conducted a series of interviews with key stakeholders in the digital payments ecosystem […]

Categories: Cybersecurity, Privacy

Information is power. A range of organisations — from private military firms such as NSO to various instruments of the State — collect information to empower governments. The quest for unbridled power and critical information often leads to using unprincipled and unlawful means. Snooping is a grim reality since the days of Chanakya, or indeed, […]

Categories: Conflict, Cybersecurity

On nuclear energy, scientist Albert Einstein prophesised that “The unleashed power of atom has changed everything ,…, and we thus drift towards unparalleled catastrophe.” In 2016, technologist Aviv Ovadya warned of the unfolding of Infocalypse, a dangerous and untrustworthy information ecosystem. That Infocalypse is now staring at India in manifest. The moot point is if […]