#FactCheck: Beware of Fake Emails Distributing Fraudulent e-PAN Cards

Introduction

Mr Rajeev Chanderashekhar, MoS, Ministry of Electronics and Information Technology, on 09 March 2023, held a stakeholder consultation on the Digital India Bill. This bill will be the successor to the Information technology Act 2000 and provide a set of regulations and laws which will govern cyberspace in times to come. The consultation was held in Bangalore and was the first of many such consultations where the Digital India bill is to be discussed. These public stakeholder consultations will provide direct public feedback to the ministry, and this will help create a safe and secure ecosystem of Indian Cyber Laws.

What is the Digital India Act?

Cyberspace has evolved the fastest as compared to any other industry, and the evolution of the growth cannot be presumed to be stagnant or stuck as we see new technologies and gadgets being invented all across the globe. The ease created by using technology has changed how we live and function. However, bad actors often use these advantages or fruits of technology to wreak havoc upon the nation’s cyberspace. The use of technology is always governed by the application of usage and safeguard policies and laws. As technology is growing exponentially, it is pertinent that we have laws which are in congruence with today’s time and technology. This is keenly addressed by the Digital India Act, which will be the legislation governing Indian Cyberspace in times to come. This was the need of the hour in order to have the judiciary, legislature and law enforcement agencies ahead of the curve when it comes to cyber crimes and laws.

What is the Digital India Bill’s primary goal?

The Digital India Bill’s goal is to guarantee an institutional structure for accountability and that the internet in India is accessible, unhindered by user harm or criminal activity. The law will apply to new technologies, algorithmic social media platforms, artificial intelligence, user risks, the diversity of the internet, and the regulation of intermediaries. The diversity of the internet, user hazards, artificial intelligence, social media platforms, and intermediary regulation are all discussed.

Why is the Digital India Bill necessary?

The number of internet users in the country currently exceeds 760 million; in the upcoming years, this number will reach 1.2 billion. Despite the fact that the internet is useful and promotes connectivity, there are a number of user damages nearby. Thus, it is crucial to enact legislation to set forth new guidelines for individuals’ rights and responsibilities and mention the requirement to gather data.

Major Elements of the Digital India Act

Major Elements of the Digital India Bill, which will eventually become an Act, which will contribute massively towards a safe cyber-ecosystem, some of these elements aim towards the following-

• The legislation attempts to establish an internet regulator.
• Women and Child safety.
• Safe harbour for intermediaries.
• The right of the individual to secure his information and the requirement to utilise personal data for legal purposes provide the main obstacles to data protection or regulation. The law tries to deal with this difficulty.
• A limit will be placed on how far a person’s personal information can be accessed for legal reasons.
• The majority of the bill’s characteristics are contrasted with the EU’s General Data Protection Regulation.

The Way Ahead

As we ride the wave of developments in cyberspace regarding emerging technologies and automated gadgets, it becomes pertinent that the state takes due note of such technologies and the courts take cognisance of offences committed by using technology. Law enforcement agencies must also train police personnel who can effectively and efficiently investigate cybercrime cases. The ministry also released a few bills last year, such as – the Telecommunication Bill, 2022, Intermediary Rules and the Digital Personal Data Protection Bill, 2022, to better address the shortcomings and the issues in cyberspace and how to safeguard the netizens. The Digital India Act will essentially create a synergy between the current bills and the new ones to come in order to create a wholesome, safe and secure Indian cyber ecosystem.

Conclusion

Digital India Bill is necessary to address the challenges of cyberspace, like personal data and privacy, and policies related to online child and women safety to create a and create a modern and comprehensive legal framework that aligns with global standards of cyber laws. The draft of the bill is expected to come out by July. The ministry looks forward to maximising the impact of the bill through such continuous and effective public consultation to understand and fulfil the expectations and requirements of the Indian netizen, thus empowering him/her equivalent to the netizen of a developed country.

Introduction:

This Op-ed sheds light on the perspectives of the US and China regarding cyber espionage. Additionally, it seeks to analyze China's response to the US accusation regarding cyber espionage.

What is Cyber espionage?

Cyber espionage or cyber spying is the act of obtaining personal, sensitive, or proprietary information from individuals without their knowledge or consent. In an increasingly transparent and technological society, the ability to control the private information an individual reveals on the Internet and the ability of others to access that information are a growing concern. This includes storage and retrieval of e-mail by third parties, social media, search engines, data mining, GPS tracking, the explosion of smartphone usage, and many other technology considerations. In the age of big data, there is a growing concern for privacy issues surrounding the storage and misuse of personal data and non-consensual mining of private information by companies, criminals, and governments. 

Cyber espionage aims for economic, political, and technological gain. Fox example Stuxnet (2010) cyber-attack by the US and its allies Israel against Iran’s Nuclear facilities. Three espionage tools were discovered connected to Stuxnet, such as Gauss, FLAME and DuQu, for stealing data such as passwords, screenshots, Bluetooth, Skype functions, etc.

Cyber espionage is one of the most significant and intriguing international challenges globally. Many nations and international bodies, such as the US and China, have created their definitions and have always struggled over cyber espionage norms.

The US Perspective

In 2009, US officials (along with other allied countries) mentioned that cyber espionage was acceptable if it safeguarded national security, although they condemned economically motivated cyber espionage. Even the Director of National Intelligence said in 2013 that foreign intelligence capabilities cannot steal foreign companies' trade secrets to benefit their firms. This stance is consistent with the Economic Espionage Act (EEA) of 1996, particularly Section 1831, which prohibits economic espionage. This includes the theft of a trade secret that "will benefit any foreign government, foreign agent or foreign instrumentality. 

Second, the US advocates for cybersecurity market standards and strongly opposes transferring personal data extracted from the US Office of Personnel Management (OPM) to cybercrime markets. Furthermore, China has been reported to sell OPM data on illicit markets. It became a grave concern for the US government when the Chinese government managed to acquire sensitive details of 22.1 million US government workers through cyber intrusions in 2014.

Third, Cyber-espionage is acceptable unless it’s utilized for Doxing, which involves disclosing personal information about someone online without their consent and using it as a tool for political influence operations. However, Western academics and scholars have endeavoured to distinguish between doxing and whistleblowing. They argue that whistleblowing, exemplified by events like the Snowden Leaks and Vault 7 disclosures, serves the interests of US citizens. In the US, being regarded as an open society, certain disclosures are not promoted but rather required by mandate.

Fourth, the US argues that there is no cyber espionage against critical infrastructure during peacetime. According to the US, there are 16 critical infrastructure sectors, including chemical, nuclear, energy, defence, food, water, and so on. These sectors are considered essential to the US, and any disruption or harm would impact security, national public health and national economic security.

The US concern regarding China’s cyber espionage

According to James Lewis (a senior vice president at the Center for US-China Economic and Security Review Commission), the US faces losses between $ 20 billion and $30 billion annually due to China’s cyberespionage. The 2018 U.S. Trade Representative (USTR) Section 301 report highlighted instances, where the Chinese government and executives from Chinese companies engaged in clandestine cyber intrusions to obtaining commercially valuable information from the U.S. businesses, such as in 2018 where officials from China’s Ministry of State Security, stole trade from General Electric aviation and other aerospace companies.    

China's response to the US accusations of cyber espionage

China's perspective on cyber espionage is outlined by its 2014 anti-espionage law, which was revised in 2023. Article 1 of this legislation is formulated to prevent, halt, and punish espionage actions to maintain national security. Article 4 addresses the act of espionage and does not differentiate between state-sponsored cyber espionage for economic purposes and state-sponsored cyber espionage for national security purposes. However, China doesn't make a clear difference between government-to-government hacking (spying) and government-to-corporate sector hacking, unlike the US. This distinction is less apparent in China due to its strong state-owned enterprise (SOE) sector. However, military spying is considered part of the national interest in the US, while corporate spying is considered a crime.

China asserts that the US has established cyber norms concerning cyber espionage to normalize public attribution as acceptable conduct. This is achieved by targeting China for cyber operations, imposing sanctions on accused Chinese individuals, and making political accusations, such as blaming China and Russia for meddling in US elections. Despite all this, Washington D.C has never taken responsibility for the infamous Flame and Stuxnet cyber operations, which were widely recognized as part of a broader collaborative initiative known as Operation Olympic Games between the US and Israel. Additionally, the US takes the lead in surveillance activities conducted against China, Russia, German Chancellor Angela Merkel, the United Nations (UN) Secretary-General, and several French presidents. Surveillance programs such as Irritant Horn, Stellar Wind, Bvp47, the Hive, and PRISM are recognized as tools used by the US to monitor both allies and adversaries to maintain global hegemony.

China urges the US to cease its smear campaign associated with Volt Typhoon’s cyberattack for cyber espionage, citing the publication of a report titled “Volt Typhoon: A Conspiratorial Swindling Campaign Targets with U.S. Congress and Taxpayers Conducted by U.S. Intelligence Community” by China's National Computer Virus Emergency Response Centre and the 360 Digital Security Group on 15 April. According to the report, 'Volt Typhoon' is a ransomware cyber criminal group self-identified as the 'Dark Power' and is not affiliated with any state or region. Multiple cybersecurity authorities in the US collaborated to fabricate this story just for more budgets from Congress. In the meantime, Microsoft and other U.S. cybersecurity firms are seeking more big contracts from US cybersecurity authorities. The reality behind “Volt Typhoon '' is a conspiratorial swindling campaign to achieve two objectives by amplifying the "China threat theory" and cheating money from the U.S. Congress and taxpayers.

Beijing condemned the US claims of cyber espionage without any solid evidence. China also blames the US for economic espionage by citing the European Parliament report that the National Security Agency (NSA) was also involved in assisting Boeing in beating Airbus for a multi-billion dollar contract. Furthermore, Brazilian President Dilma Rousseff also accused the US authorities of spying against the state-owned oil company “Petrobras” for economic reasons.

Conclusion

In 2015, the US and China marked a milestone as both President Xi Jinping and Barack Obama signed an agreement, committing that neither country's government would conduct or knowingly support cyber-enabled theft of trade secrets, intellectual property, or other confidential business information to grant competitive advantages to firms or commercial sectors. However, the China Cybersecurity Industry Alliance (CCIA) published a report titled 'US Threats and Sabotage to the Security and Development of Global Cyberspace' in 2024, highlighting the US escalating cyber-attack and espionage activities against China and other nations. Additionally, there has been a considerable increase in the volume and sophistication of Chinese hacking since 2016. According to a survey by the Center for International and Strategic Studies, out of 224 cyber espionage incidents reported since 2000, 69% occurred after Xi assumed office. Therefore, China and the US must address cybersecurity issues through dialogue and cooperation, utilizing bilateral and multilateral agreements.

‍

Executive Summary:

‍

Recently, our team encountered a post on X (formerly Twitter) pretending Chandra Arya, a Member of Parliament of Canada is speaking in Kannada and this video surfaced after he filed his nomination for the much-coveted position of Prime Minister of Canada. The video has taken the internet by storm and is being discussed as much as words can be. In this report, we shall consider the legitimacy of the above claim by examining the content of the video, timing and verifying information from reliable sources.

‍

‍

Claim:

‍

The viral video claims Chandra Arya spoke Kannada after filing his nomination for the Canadian Prime Minister position in 2025, after the resignation of Justin Trudeau.

‍

‍

Fact Check:

‍

Upon receiving the video, we performed a reverse image search of the key frames extracted from the video, we found that the video has no connection to any nominations for the Canadian Prime Minister position.Instead, we found that it was an old video of his speech in the Canadian Parliament in 2022. Simultaneously, an old post from the X (Twitter) handle of Mr. Arya’s account was posted at 12:19 AM, May 20, 2022, which clarifies that the speech has no link with the PM Candidature post in the Canadian Parliament.

Further our research led us to a YouTube video posted on a verified channel of Hindustan Times dated 20th May 2022 with a caption -

“India-born Canadian MP Chandra Arya is winning hearts online after a video of his speech at the Canadian Parliament in Kannada went viral. Arya delivered a speech in his mother tongue - Kannada. Arya, who represents the electoral district of Nepean, Ontario, in the House of Commons, the lower house of Canada, tweeted a video of his address, saying Kannada is a beautiful language spoken by about five crore people. He said that this is the first time when Kannada is spoken in any Parliament outside India. Netizens including politicians have lauded Arya for the video.”

‍

‍

Conclusion:

‍

The viral video claiming that Chandra Arya spoke in Kannada after filing his nomination for the Canadian Prime Minister position in 2025 is completely false. The video, dated May 2022, shows Chandra Arya delivering an address in Kannada in the Canadian Parliament, unrelated to any political nominations or events concerning the Prime Minister's post. This incident highlights the need for thorough fact-checking and verifying information from credible sources before sharing.

• Claim: Misleading Claim About Chandra Arya’s PM Candidacy
• Claimed on: X (Formerly Known As Twitter)‍
• Fact Check: False and Misleading