Corporate Law Newsletter Volume III, Issue 46

November 13, 2018
Corporate Law
VOL III
ISSUE No. 46
November 13, 2018

India: Onus of cyber-safety to vest with social media engines

cyber-safety to vest with social media enginesThe Government may soon shift the responsibility of the content being transmitted to the social media platforms being used for the said purpose.

India: NCLT directs PF to be paid before clearing creditors dues

National Company Law NCLT gives priority to the employees right to provident fund against the creditors right to receive payments in lieu of unpaid debt in case of insolvency of the debtor.

India: Google- Pay revises its privacy policy

Google Pay Revises
Google- Pay modifies its privacy policy to ensure protection of the personal and sensitive information of its users.

India: Termination of Contract

Bombay High Court in IndiaAgreement between Inox and BMS has been terminated attributable to thereof disagreement over the terms of the payment to be made to Inox by BMS in lieu of the rights to sell tickets.

India: Data Theft By Employees: Risks and Precautions

Data TheftAn overall data protection policy must take into consideration protection against employees and the same must be efficiently implemented in for better risk management and data security.

India: Anti-doping: The Indian scenario

Anti-doping: The Indian scenarioIndia prohibits doping and has therefore introduced policies to ensure prevention of the same.

 


India: Onus of cyber-safety to vest with social media engines

Social Media Engines

Losing touch with the physical world around, the world is becoming increasingly glued to the social media over the cyber-world. A number of users take recourse to the online media for connecting with one another thus making the social media platforms very popular amongst them. Social networking plays an imperative part of lives of the people all around the world by offering an interactive, participative and open virtual community.

 

Potential Risks of using the Social media

While the social platforms such as Facebook, WhatsApp, Instagram, etc. connect the individuals separated at a large distance by integrating them on a unified electronic platform, these often serve as a source of criminal activities on the virtual space.

Notorious elements rely the power of technology to their advantage by using the same to carry out nefarious activities, spread of false information, sending offensive messages, identity theft, cheating by impersonation, stalking, harassment by threats, cyberbullying, fraud, illegal transaction, cyber-terrorism, violation of privacy, publishing or transmitting obscene material, etc.

Steps to curb the menace

In order to monitor and regulate the occurrence of crimes over the cyber-space, the Government has enforced the Information Technology Act, 2000 (hereinafter referred to as the “Act”) which provides penal consequences to the offenders of the online mode.

The Government makes constant efforts to curb the menace of cyber-crimes by devising policies and guidelines ensuring the safety of the personal and sensitive data being transmitted over the electronic media. With a view to enforce stringent regulatory mechanism, the Government may soon formulate a scheme to shift the responsibility of the content being transferred with the social media platform allowing such circulation.

With the new approach, the Government may hold the social media platforms accountable for the content shared through them by their users. Since these platforms use algorithms and artificial intelligence for their operations, it is believed that they can better regulate the content and its dissemination being made through their medium in furtherance of public safety. The Government recognizes the need of adequate precautionary measures and identification of source of the information by the social media platforms in order to ensure that they do not become the vehicles for conduct of criminal activities. This step of the Government may require the platforms to develop their controlling framework, policies and appointment of regulatory authority as a way to prevent their misuse. Unregulated participation in transferring unauthentic/ improper information in fact facilitates the execution of cyber-crime. Efforts are needed to filter the criminal activities by these social media engines.

____________________

[1]https://economictimes.indiatimes.com/tech/internet/onus-of-keeping-social
-media-safe-may-shift-from-users-to-facebook-whatsapp-telecom
-secy/articleshow/65907922.cms

 


India: NCLT directs PF to be paid before clearing creditors dues

National Company Law Tribunal

Source: www.nclt.gov.in

The Government has been working to facilitate the conduct of business in the country, thereby permitting a rapid boost to the Indian economy. Attributable to multiple factors such availability of multiple resources, friendly regulatory mechanism, easy availability of labour, has contributed towards the growth of the industrial sector. Numerous efforts made by the employees of the business corporates have accelerated the pace of development in the nation.

Labour welfare

The Legislature provides an exhaustive framework in order to ensure that the sweat and hard-work put in by the employees is adequately compensated. Other than the basic remuneration, labour laws of India provide certain perks of employment including payment of bonus, gratuity, medical facilities, transport allowance, maternity benefits, etc. One of such benefits is the provision of the provident fund whereby an employee has to pay a certain percentage from his pay and an equal amount is contributed by the employer. The employee becomes entitled to this lump sum amount with interest which is handed over to him/ her at the end of his/ her services from the organization.

Protection of the Labour interest

In order to safeguard the interests on the employees of the insolvent companies, the National Company Law Tribunal- Mumbai Bench (hereinafter referred to as the “NCLT”) directed the priority of payment of provident funds against the unpaid dues of the creditor vide order dated September 12, 2018.

NCLT observed that any amount due to the workmen/ employees from the provident fund/ pension fund or gratuity is not included within the purview of liquidation asset and under the operation of law, provident fund payable are the deemed assets of workmen/ employees. Also, the said amount is not covered under the general term of workmen dues.

It has been clarified that provident fund dues are excluded from the liquidation assets enabling the workmen/ employees to realize their savings as well as the employer’s contributions as a part of their fundamental right to life while the right of the creditors is merely a property right. Therefore, the dues in respect of provident/ pension/ gratuity shall not be considered as liquidation asset to be made the provisions of the Insolvency and Bankruptcy Code, 2016 (hereinafter referred to as “IBC”) applicable.

While IBC aims at maximization of the assets in a time-bound manner protecting the rights of the creditors against unscrupulous debtors, the regulatory bodies such as NCLT are working with the objective of balancing the interests of the creditors without jeopardizing the needs of the labour.


India: Google- Pay revises its privacy policy

National Payment Corporation of Inida

Source:
www.npci.org.in

With the increasing digitalization, technology has assisted in making available numerous services on the electronic platform. Using simplified features on the cyberspace, has facilitated the carrying out of routine commercial activities using the podium offered by the virtual world. Most of the business operations no longer require physical media for their fulfilment.

 

Payments online

Online payments in India are regulated by the National Payments Corporation of India (hereinafter referred to as “NPCI”) which is the organisation for operating retail payments and settlement systems in India. A number of e-payments platforms have come up in the Indian market such as Mobikwik, OlaMoney, Jiomoney, PayZapp, SBI Buddy, etc.

Google- Pay

Entering into the domain of payment services is Google, which has developed a digital wallet platform and online payment system- Google- Pay to power in-app and tap-to-pay purchases on mobile devices, enabling users to make payments with Android phones, tablets or watches. While Google has requested to comply with the data localization norms set forth but has asked for the extension of the deadline in said regards by a period of 2 months (till December, 2018) . It is confronted with another challenge posed by the one of the renowned e-wallet service provider – Paytm.

Paytm had filed a complaint with the NPCI alleging that Google’s privacy policy allowed it to utilise a user’s personal data for advertising and promotional purposes, without any additional consent from the user. It was further stated that the said polices of Google permitted it to access user’s navigation, logs and correspondence data while also reserving the right to collect, store, use and read user’s communication. Paytm also contended that critical payments data collected by Google is being processed and stored outside of India which can have severe security implications in case of a data breach.

Being faced by serious accusations made against it, the tech giant updated its privacy policies by elaborating on the procedure it uses or can use payments data of its Indian users. The users have been informed that Unified Payments Interface Transaction Data will not be used for any monetisation purpose such as for advertisements purpose by any entity other than Google. However, such data shall be shared with banks, merchants and third-party service providers only to aid in the seamless flow of the transaction.

In the modern tech-driven world, where almost all services are available online the payments for the same are also being made via the same media. In order to ensure that the process is carried out smoothly the platforms often require the submission of personal and sensitive information of a person means such exclusive information which consists of passwords; financial information such as Bank account, credit card, debit card or other payment instrument details; physical, and mental health condition; medical records and history; Biometric information; any such related detail as provided to body corporate for providing service and any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise. Considering the vitality and importance of the information shared and rising number of criminal activities over the cyber-space, a duty is cast over the service provider to ensure the confidentiality of the same. Formulating the privacy policy lays down the guidelines for management of the confidential information so received serves as an effective mode for the protection of the sensitive information received from the users. The modification of the Google- Pay’s privacy policy is indicative of its intent to protect the personal and sensitive data of its users.


 

India: Termination of Contract

Bombay High Court

www.bombayhighcourt.nic.in

In order to carry out business operations, parties are required to enter into an arrangement which has the effect of creating binding obligations on them. A contract is an agreement, the terms of which are enforceable by law. Governed under the provisions of the Indian Contract Act, 1872 (hereinafter referred to as the “Act”), failure to fulfil the duties set out under the contract entails liability on the party causing the breach.

Events of termination

Some of the circumstances which result in termination of a contract between the parties are listed as below:

  • Coercion – A contract can be terminated on the account that a party has exercised coercion by committing or threatening or detaining tactics to obtain the consent of the other party (Section 15 of the Act).
  • Undue Influence – Where a party is in a position to dominate the will of another and exercises such position to obtain unfair advantage over the other party by obtaining their consent, such party has the option to terminate such contract (Section 16 of the Act).
  • Fraud – A contract may be terminated by a party in the event where the other party has committed a fraudulent activity to obtain the consent of the innocent party by deceiving them (Section 17 of the Act).
  • Misrepresentation – Where consent of a party is obtained on account of false statement made by party which believed it to be true, the innocent party has the option to terminate the contract (Section 18 of the Act).
  • Mistake – A contract becomes void from its conception if either or both parties are mistaken in regards to a matter of fact (Section 20 of the Act).
  • Frustration of contract – Attributable to supervening event that was beyond the control of either party making the performance of the contract impossible, discharges both the parties from performance of the duties enumerated thereunder (Section 56 of the Act).
  • Breach of obligations – A party may commit breach of their obligations under the contract by renouncing their liability, by making the performance impossible owing to own acts or totally or partially failing to fulfil the requisite duties.
  • Terms in termination clause – Parties may terminate the contract subject to the terms stated therein which may include expiry of the duration or termination at will by issuance of notice or any incapacity or change of circumstances hampering the performance of the obligations.

Consequences of termination

In the event where the contract between the parties is terminated, payment of consideration should be made in respect of the fulfilment of the promises by the other party in terms of delivery of goods or services.

Even if the contract is discharged and the other party has fulfilled their obligations as stated in the original contract which have been accepted by the first party, payment of consideration is required to be made on Qunatum Meruit basis.

In the case of breach of the conditions of the contract committed by either party, the other party may be made liable for compensation in terms of recession, liquidated/ unliquidated damages, injunction or specific performance subject to the terms of the contract.

In the news…

One of the country’s largest multiplex chain Inox Leisure (hereinafter referred to as “Inox”) terminated its contract with online ticketing platform BookMyShow (hereinafter referred to as “BMS”), after a disagreement over payments being demanded by Inox. While BMS challenged the said termination in the High Court of Bombay, the judicial authority referred the matter for arbitration vide its order dated September 18, 2018.

It has been contended by BMS that the difference between the parties arose in respect of payments hike sought by Inox arises for the rights to sell tickets through the booking partner. However, Inox alleged breach of the terms of the contract between parties by BMS.

Only after careful scrutiny of the terms and conditions of the contract governing the parties, can the issue between them be resolved. The arbitration proceedings ordered will delve into the depth of the matter to understand the nature and intent of the parties involved while formulating the terms of the contract between themselves before identifying the violation of the same and providing available relief to the innocent party.

 


 

India: Data Theft By Employees: Risks and Precautions

Risks and Precautions

Introduction:

The Ponemon Institute’s 2017 Cost of Data Breach Report has shown that Indian firms are at a high risk of data breach, especially the financial services and the technology companies. Moreover, the report highlights the cases of data theft not only by the professional hackers or malwares but by the companies’ “trusted” employees. Though most companies take stringent measures to secure their systems and network against cyber-attacks, they remain casual about protecting important data from their own employees. For example, in a recent case, the Canada Life insurance group alleged a former senior executive for transferring “significant and highly confidential information” to another company. Further, in another incident, SunTrust Banks Inc. reported data theft by an employee who is alleged to have stolen important information of about 1.5 million customers and provided it to a “criminal third party”. Hence, keeping in mind the consequences of such kind of breaches by the employees who are entrusted with company’s trade secrets and sensitive information of the clients, it has become pertinent to adopt or upgrade the policies and measures taken up by a company to enhance data security not only against common cyber threats but also against the insiders.

Combating Data Theft:

It becomes pertinent to analyze an employee’s potential motive behind committing such a theft/ breach. A company may take certain precautionary and mitigating measures to manage data security and prevent its theft. The most essential step in combatting data theft by employees is creation of a thorough and well communicated set of company policies and procedures. These must include priority classification of the data ranging from confidential/sensitive to general, restricted use of the data and proper security access procedures for both new and departing employees.

With respect to data classification, it is necessary that the data of a company, according to the field or area of operation, is well segregated and organized. Such databases should be updated and audited periodically. Restricting access to such data by setting passwords to the layers of data as per its importance and selectively giving privilege of formatting and editing certainly helps in maintaining proper records of employees and the data accessible by them. Further, the following steps may be helpful to strengthen the data security system:

  • Installation of anti-download and anti-copying software and restricting access to printers rendering the creation of copies of data difficult.
  • Crucial and sensitive data of the company should always be stored in encrypted form which ensures security of the data even if the entire computer hardware is stolen.
  • Removing the employees from the administrator group on their computer further prevents them from installing any software or hardware and hence protects stored data against any kind of tampering.
  • A centralized logging device to provide a single view of company’s log files throughout the organization provide for critical information to detect any infiltration by hostile entities.
  • A non-disclosure agreement to protect confidential information and trade secrets with high penalties in case of breach acts as a good deterrent.
  • Upon termination, all electronic devices that were accessible to the employee must be secured and the access, authorization and/or usernames must be immediately changed.

Employees’ and Staff training:

The most important aspect, however, is to train the employees and the staff to be careful and report any such instances immediately to the authorities. The employees should have regular awareness programs that reiterate the importance of complying with the policies, their importance and penalty in situations of non- compliance. For example, the employees should be advised to lock their desktops before leaving their desks even for short period of time as it may expose data to unauthorized access. Though these steps would certainly reduce the risk of data theft by employees, however a company or business should be prepared to mitigate the consequences in situation of a potential data breach anyway. If data theft has already been committed or there is a doubt of its commission, the apprehended consequences can be averted or abated by carefully preserving the digital evidences. Such digital evidences left after commission of data theft play an instrumental role in investigation and tracing down the offender.

Post Data Theft:

Careful handling of the situation involving data theft may assist the computer forensic experts in retrieving important information like recently attached storage media, recently accessed files and documents, recent internet activity, etc. which hold high evidentiary value in establishing a causal chain. In case the suspected employee’s computer is not switched off, the computer should be immediately quarantined. This step is essential as substantial information can be extracted from the computer’s Random Access Memory which may be lost or over-written by any further activity on the computer. On the other hand, if the computer has already been turned off, it should still be placed securely to prevent any tampering with the evidences. Every company is advised to have a separate IT department to handle contingencies and support the staff with technical help in such situations.

 


 

India: Anti-doping: The Indian scenario

India Anti-doping

Playing a vital role in the development of the overall personality of an individual, sports are an import facet of human life. Played in numerous forms, varying from those deploying physical activities to the ones involving strategizing instincts, these games have always been a part of the schedule of human life. These activities inculcate a sense of discipline, self-confidence, time management, team building, and cooperation of sportsmanship.

Doping in Sports

While sports encourage the spirit of competitiveness amongst the players, the increasing competition in the modern world has led to the elevation in the stress levels. Pressure is created on the player taking part in the activities causing them to improve their performance at any cost. With a view to enhance their athletic performance, the sports persons take recourse to doping which involves consumption of banned drugs. This has turned out to be great menace for the sports authorities to tackle attributable to its unethical and illegal nature being unfair to the honest players and having adverse impact on the health of the consumers of the prohibited drugs. Doping is mainly done with the intent to cheat and to have an edge over the others.

Doping Control Mechanism

The World Anti-Doping Agency (hereinafter referred to as “WADA”), established in 1999, is an international independent agency supported by sport movement and governments of the world having key activities like scientific research, education, development of anti-doping capacities, and monitoring of anti-doping policies in all sports and of all countries.

At the domestic level, National Anti-Doping Agency (hereinafter referred to as “NADA”) is the national organisation set up for fostering, coordinating, and monitoring the doping control program in sports in all its forms in India. It is also engaged in promoting anti-doping research and planning, implementing, regulating anti-doping information and educational programs thereby creating awareness about doping and its ill effects.

NADA has introduced the National Anti-Doping Rules, 2015 (hereinafter referred to as “NADA Rules”) which deals with adopting and implementing anti-doping rules and policies conforming with the guidelines issued by the WADA. The NADA Rules laying down the condition for athletes and athlete’s support personnel for participation in sports event, as also the manner of collection of samples for conduct of result management of dope test results and conduct of disciplinary and appeal panel proceedings at national level.

Working with the objective of dope free sports in India and strengthen the National Anti-Doping Program, NADA Rules protect the rights of the Athletes while maintaining the integrity of sport and provide awareness about consequences of doping. Justifying the true essence of sports by the virtue of ethics, fair play, honesty, India has formulated its policies to control the doping in sports occurring within the territorial limits of the nation. However, it is still confronted with the challenges posed by the pleas due to lack of awareness. The NADA Rules are expected to address the concerns of the athletes and their coaches by appropriately educating them about their rights and responsibilities.

For more information please contact us at : info@ssrana.com