Monday, December 18, 2017

Bitcoin Tax by Indian Government: How


To understand the tax implications of Cryptocurrencies in India, the following points need to be understood under the context of the Income Tax Act:

1) Business Income - These are the profits and gains received from any business or profession carried on by the tax payer at any time during the Financial Year. It includes 'any' compensation received or other payment due to be received. Further, the compensation may be received in Cash or Kind.

2) Capital Gains - It means any income which has been derived from a 'Capital Asset' (whether movable or immovable)

3) Capital Asset - It means property of any kind held by the taxpayer, whether or not connected with his business or profession.

However, this does not include any Stock in Trade

Note: Since the cryptocurrencies have not been declared as legal tender by the Reserve Bank of India, these cannot be considered as legal tender (cash) and shall be considered as an asset. With a general understanding of the above terms, we move on to understand how cryptocurrencies would be taxed under different scenarios:

Scenario 1: When a person receives Cryptocurrency as payment for rendering goods or services

If a provider of goods or services receives any payment by cryptocurrency, then, the fair market value of the cryptocurrency received as consideration for rendering the goods or services will be considered as the consideration (that is the sale amount). Hence, the difference between the Fair Market Value of the cryptocurrency and the cost of provision of goods or services will be treated as Business Income in the hands of the taxpayer and the resultant Business Income will be charged to tax at the applicable slab rate.

Let us take the following example to understand the above more clearly:

Mr. A provides services for which he agrees to receive 2 Bitcoins. For simplicity purpose, assume the cost of provision of service as Rs. 5,00,000/- and the Fair Market Value of 1 Bitcoin = Rs. 5,50,000/-. Hence, by applying simple mathematics we can conclude that the total consideration for the services rendered is Rs. 11,00,000/- (5,50,000*2) and therefore the Business Income is Rs. 6,00,000/-

Continuation of Scenario 1: The person receiving cryptocurrency as consideration sells the cryptocurrency

Now as soon as the person receives the cryptocurrency as consideration, it becomes his capital asset under the assumption that it is not Stock in Trade (which is discussed later). Therefore, as and when the person sells the cryptocurrency, the resultant difference between the Fair Market Value on the date of receipt of cryptocurrency (from the provision of goods or services) and the date of sale of cryptocurrency will be treated as Capital Gain.

Further, if the cryptocurrency is held for 36 months or less, it will be treated as Short Term Capital Gain. If it is held for more than 36 months it will be treated as Long Term Capital Gain.

While computing Long Term Capital Gain, the taxpayer will get the benefit of indexation.

The bifurcation of Short Term Capital Gain and Long-Term Capital Gain is important since the Short Term Capital Gains are taxed at Slab Rates and Long-Term Capital Gains are taxed @ 20%.

Let us continue the example taken in Scenario 1:

Suppose the bitcoins received by Mr. A is sold by him @ Rs. 5,75,000/- per Bitcoin then the value of the consideration that will be received by Mr. A is Rs. 11,50,000/-. Hence, the Capital Gains would be Rs. 50,000/- (11,50,000 - 11,00,000) and depending on the period of holding of the cryptocurrency, it will be taxed as Short Term Capital Gain or Long Term Capital Gain

Scenario 2: A person paying consideration by cryptocurrency for receiving any goods or services

If a person availing any goods or currency pays consideration in the form of cryptocurrency, then in such a case there will be aspects which will need to be considered:

i) Capital Gains
ii) Amount (Quantification) of the expense

Capital Gains: The Capital Gains will be determined in the same manner as discussed in 'continuation of scenario 1' and will be taxed accordingly. However, in this case the relevant dates for determination of period of holding shall be the date of acquisition of the currency and the date of payment

Amount of expense: The amount of expense shall be the Fair Market Value of the cryptocurrency on the date of payment

Let us take the following example to understand the above clearly:

Mr. A avails goods worth Rs. 11,50,000/- the payment for which is discharged by paying 2 Bitcoins (5,75,000 * 2). Assuming the cost of acquisition of 2 Bitcoins to be Rs. 10,00,000/- (5,00,000 * 2), the resultant Capital Gain will be Rs. 1,50,000/- and will be taxed as Short Term Capital Gain or Long-Term Capital Gain depending on the period of holding.

The amount of expenditure will be the Fair Market Value of the Bitcoins that is Rs. 11,50,000/-

Scenario 3: A person Investing / Trading in cryptocurrency

This is the simplest to understand. However, the important aspect to be to be considered is whether the activity is to be considered as Investment or Trading.

If the activity is considered as Investment the difference between the sale price and purchase price will be treated as Capital Gains (the treatment will be as discussed earlier) and on the contrary if the activity is considered as Trading, the difference will be treated as Business Income irrespective of the period of holding.

Determining whether the difference will be considered as Capital Gains or Business Income will depend solely upon the intention of the person at the time of acquisition of the cryptocurrency.

Conclusion: The Indian Tax laws do not have a specific mention on how cryptocurrencies are to be taxed in India and remains a grey area, particularly as the exposure of people increases until a specific mention in the law is made. Even thou Chairman of direct tax has announced that the profit earned from bitcoin trading would be taxed.

The cryptocurrencies are not declared as legal tender by the RBI and spelled by Finance Minister himself in the budget speech, it hence may be treated as an asset.

Further, it shall be kept in mind that the cryptocurrency market is an unregulated market and risk of investment remains high without support of Indian Law.

Thursday, November 2, 2017

Can GDPR Fines be covered under Cyber Insurance in India?

Can GDPR Fines be covered under Cyber Insurance coverage in India?
By Prashant Mali, 
Cyber Law & Privacy Expert.
Cyber policies usually grant cover for civil fines provided that these fines are “insurable at law”.
Where insurance for fines and penalties is available, this is usually as part of an operator’s general liability policy, although, as set out above, there is no general rule and some such policies routinely exclude such cover). In addition, prudent directors of port and terminal operators who are faced with the possibility of personal exposure to civil fines will take steps to ensure that their D&O policy will cover them if they are investigated personally. 

Example Policy Terms
Insurance coverage is available for fines and penalties. A popular form of cyber insurance includes, as an item of covered loss:
[C]ivil fines or penalties imposed by a governmental agency and arising from a Regulatory Action, unless the civil fine or penalty imposed is uninsurable under the law of the jurisdiction imposing such fine or penalty.

Another popular policy form provides coverage for "Penalties," defined as:
[A]ny civil fine or money penalty payable to a governmental entity that was imposed in a Regulatory Proceeding by the Federal Trade Commission, Federal Communications Commission, or any other federal, state, local or foreign governmental entity, in such entity's regulatory or official capacity; the insurability of Penalties shall be in accordance with the law in the applicable venue that most favors coverage for such Penalties.

Based on these definitions (which are typical), several features are prominent:
  • The fines or penalties must be "imposed by" a governmental agency.
  • The fines or penalties must be insurable under the applicable law.
  • The fines or penalties must be paid to a governmental entity or to a consumer redress fund.

While it is not an inbuilt coverage, fines and penalties can be covered under a D&O policy by suitably modifying the definition of loss or in other appropriate manner. Reproduced below is one of the definitions as found in the policy wording.

“Loss also includes civil and administrative fines and penalties, awarded against Insured Persons, to the extent such are insurable by law, and the multiplied portion of multiple damages”

There is no express law in India including Companies Act, 2013 which declares any fine and penalty as uninsurable.

Sec 197 of Companies Act, 2013, reproduced below for brevity

Section 197(13) of Companies Act, 2013:
“(13) Where any insurance is taken by a company on behalf of its managing director, whole-time director, manager, Chief Executive Officer, Chief Financial Officer or Company Secretary for indemnifying any of them against any liability in respect of any negligence, default, misfeasance, breach of duty or breach of trust for which they may be guilty in relation to the company, the premium paid on such insurance shall not be treated as part of the remuneration payable to any such personnel:
Provided that if such person is proved to be guilty, the premium paid on such insurance shall be treated as part of the remuneration.”
Surprising as it seems, there appears to be no section in the Companies Act 2013 which prohibits indemnification of any nature .

It needs to be clearly understood that as in the case of other payments, prior approval of insurance company is a prerequisite for claiming this loss. One of the policy wordings is reproduced below. Provision relating to non-admission of liability is present in all policy forms, while the language may vary from insurer to insurer.

“The Insured shall not admit or assume any liability, enter into any settlement agreement, or consent to any judgment without the prior written consent (which shall not be unreasonably delayed or withheld) of the Insurer. Only liabilities, settlements and judgments resulting from claims defended in accordance with this policy shall be recoverable as a loss under this policy”

It is good for the directors to seek, in their letter of appointment, appropriate and adequate indemnity provisions – indemnity against all losses and expenses incurred by them in relation to the discharge of their duties unless such loss/ expense is caused by their own deliberate and malicious actions. It pays to be explicit and have more inclusive provisions.

A looming question in the case of insurance for fines and penalties is whether such items can be insured despite policy language expressly providing for such coverage. As with the insurability of punitive damages, there is no uniform view. However, one can make several general observations:
  1. Fines or penalties that are based on intentional or willful conduct are likely to be challenged by the insurer based upon public policy arguments.
  2. Fines or penalties that are "punitive" in nature are more likely to be challenged by the insurer than those that are "compensatory" in nature.
  3. Penalties that are assessed vicariously against a policyholder (such as when a corporation is held liable for an unauthorized act of its employee) are less likely to be challenged.
Case law exists under a variety of statutes, and in a variety of state and federal jurisdictions, that assesses whether particular fines or penalties are punitive or compensatory, or are insurable. Cyber policies address insurability through choice of law and choice of venue. As can be seen from the example language quoted above, there are two basic approaches:
  1. One version permits coverage except to the extent that the law of the jurisdiction imposing the penalty forbids such coverage;
  2. The other version permits coverage so long as the most favorable applicable venue permits such coverage.
Under conventional choice of law procedures, an "applicable venue" is likely to be one that has some sort of relationship to the parties or to the underlying facts. A standard provision for punitive damages directs that the applicable law is
"the law of the jurisdiction most favorable to the insurability of such [punitive] damages, provided such jurisdiction has a substantial relationship to the relevant Insured, to the Company, or to the Claim giving rise to the damages."
This type of formulation appears to provide more flexibility for coverage of such penalties than one in which the penalty-imposing jurisdiction is selected.

International variation
Internationally the position is likely to be similar, albeit with some noteworthy differences, in other jurisdictions. For example, it is common in Australia for cover to be provided in respect of civil fines and some insurers have extended liability insurance to include criminal fines imposed in circumstances other than where the insured has behaved in a reckless manner (or worse). Whether or not such policies are legally enforceable remains a hotly contested issue, but despite the difference in approach from the English position, the underlying public policy issues are the same.
In the US, a number of products are available which provide cover in respect of investigations under the Foreign Corrupt Practices Act, although in keeping with the policy considerations described throughout this article, cover is limited to the costs of such an investigation and coverage for any fines or penalties is specifically excluded.
In UK the leading case law under on whether regulatory fines are “insurable at law” is decision of the Court of Appeal in Safeway Stores Ltd v Twigger [2010] EWCA Civ 1472. In this case, pursuant the Competition Act 1998, the Office of Fair Trading issued a regulatory fine against Safeway.  As a result, Safeway sued its own directors in order to claim under their D&O policy.
The First Instance Judge, Flaux J, noted that:
“…the real target of the present claim is not the assets of the individual defendants, many of whom are of modest means, but the directors’ and officers’ liability insurance available to the defendants…”
Flaux J, after reviewing the previous authorities, held that the “illegality defence” applied to the regulatory fine relating to the breach of the Competition Act 1998.  The breach was held to be sufficiently serious and “morally reprehensible”, even where it had been committed without intention.

Although potential exposure to fines and penalties is an important risk management consideration for port and terminal operators, it appears that the extent to which insurance for liabilities of this nature can be obtained is limited, at least in England and Wales. It is clear that as a matter of English law, criminal fines and penalties cannot be insured for public policy reasons and, although there is no law in this area, similar considerations are likely to apply in the case of civil fines, so that these will only be insurable where the conduct in respect of which they are incurred does not involve deliberate wrongdoing.
The ex turpi causa maxim means that even where such cover can be obtained, an insured will be precluded from making a claim if the conduct to which the fine or penalty attaches involved intentional or negligent conduct.

Legally: While many insurance policies provide cover so far as insurable by law the reality is that GDPR fines themselves will likely not fall for cover. There may be cover for the costs associated with complying with, defending or appealing investigations from the ICO. And insurers may, of course, elect to pay out an amount in respect of the fine (potentially leading to issues in respect of reinsurance recovery). Note, also, that Bermuda legislation does not prohibit passing on liability for fines and may therefore provide some excess options worth considering.
Commercially: Regardless of any debates around the legal position in coverage of fines, the commercial reality is that the value of cyber cover comes in the knowledge and expertise that can be provided by the insurer, particularly in terms of responding to a data security breach. Cyber policies will generally cover systems failure, data restoration, as well as third party claims for damages for lost data or breaches of security and privacy and may also cover amounts paid in response to cyber extortion. Crucially, they will usually also provide access to necessary and pre-approved vendors and a package of cover that includes: 
  • pre-breach offerings; 
  • disaster recovery costs; 
  • communication and notification costs; 
  • paying for forensic investigations to determine the cause of the breach; 
  • legal advice; 
  • engaging experts to manage public relations and protect the company's reputation; 
  • lost income and payroll as a result of a breach; and 
  • credit monitoring for customers.
Of course, insurance can be no substitute for robust data protection policies - and the potential to be on the wrong end of a GDPR penalty makes it all the more important for companies to invest in such policies and procedures. However, in today's climate of increased cybercrime, it is vital for businesses to arrange cyber-cover and to partner with insurers in order to assess its exposures and be in a position to respond swiftly and effectively as and when a security breach occurs. Just don't have an unrealistic expectation that it will provide indemnification in respect of any GDPR fines.

Saturday, October 21, 2017

Prashant Mali images of Gartner Security & Risk Conference in Dubai

Prashant Mali images of Information Intelligence Conclave 2017

 My favourite picture
 my favourite portrait

Prashant Mali SKYDIVING Thrilling Experience in Dubai

Prashant Mali SKYDIVING Thrilling Experience in Dubai

16th October first day of Diwali festival in India, so when India started their Diwali celebrations i was booked for my life time experience at the Dubai Skydive i.e the agency which helps people sky dive in dubai. The cost is around Rs. 35000 which includes flying, diving and photography with storage device.
i was called to checkin at 12:00 had a long wait till 2:15 PM as i had a long rush before and a lunch break. I found many girls from Asia and americas and 20 percent boys strange but true. there 2-3 type of divers like professionals, amateurs and first timers like me. The energy in the camp is vibrant and radiant. Jumpers go and come back in regular time intervals, it is a 20 minute journey.
I dont know but i had a sheer determination and focus so even beautiful girls around me didn't bother me much nor did i was talking to any one. I waited for my chance to come, once my name was announced i found out one guy from mumbai with me too, i could than lodge my belongings to his bag as no lockers are provided.
The companion trainer and diver was allocated along with my camera lady. My companion name was Joseph Junior, he looked very serious types but confident . my camera lady took some videos of me and introduced her to me. A small electric vehicle took us to the close by airport or flying strip which runs into the ocean.
We are ready to be boarded in the plane , the air strip is noisy as the plane makes rattling noise of its 
turbo prop. In side the plane dont expect any air hostesses, its a bench type sitting on both sides. we were 15 of us, 4 were self jumpers. Every sky diver like me as 2 persons for support. first the plane flies almost horizontal and then suddenly the angle changes and some us slide down as it starts climbing. We can the picturesque buildings, the sky line of dubai below.

In the plane some are somber, some are preparing, some watching out of window and some are super excited for the jump of their life.

I was cheerful as if i jump daily, i had put complete confidence in God and my pillion diver . i was waiting for the experience

i was second in line to jump and i was prepared and tied along with my jumper, i got ready without a single point of fear in mind, frankly saying i never saw myself being so much patient and calm and that to 18000 ft up above in the sky. Probably i was feeling like Darr ke agey jeet hai.. there is a win ahead of fear. 18,000ft extreme jumps (altitude only available at CSC): approximately 90 seconds in freefall, 5-7 minutes under the parachute before landing 
i was readied to jump, my photographer went ahead to take my pictures and video of my jump, kudos to her coz when we jumped on chest she jumped on back to catch our jumping moments, she kept smiling and that made me smile to. you can see i was so tempted to jump.

After i jumped or sky dived few seconds were out of the world, the air guzzles around you as you go keep falling from the sky to the beautiful Palm islands. those few seconds are important if you loose your concentration and mind you loose the experience of your life and even the pictures taken of you will be spoilt. you need to focus on three things, what is your trainer telling you, where is your photographer and enjoy the fall and scene around you.

All good scene is accompanied with good amount of air pressure as your face is unprotected but your eyes are. The feeling of leaving the plane is similar to when you've just jumped on a trampoline and you're in mid air, starting to descend back down. It only takes a few seconds after leaving the plane for you body to reach terminal velocity. After that, it feels more like moving down a cushion of air. You can feel the pressure of the wind on your body. 
The scenic Palm, a man made island in dubai with the help of land filling is a marvellous treat to your eyes. Then comes a spin, which confused me a bit but was joyful.
The best picture which i have, where i was smiling as if i only smiled through the diving experience was one below. i even used it as diwali greetings and as DP on my WhatsApp.
One of the other scenes you see is the incomplete Dubai World islands, the other ambitious project which seems to be stalled as of date. the small islands which you see below me in next picture is the Dubai World project where there would be islands in the shape of countries.
The picture below depicts the pressure on my face, when i opened it to smile for the camera. you can zoom to see it. It's too loud to carry on a conversation, but not loud enough that you have to wear earplugs in freefall. You may be able to hear screams, but that's about it. Once the parachute opens, it's actually pretty quiet, with the sound of a light breeze. You will be able to speak in a normal voice with your instructor while flying the canopy
The best part is when the parachute opens and the fall stabilises, i small thud a pull and the parachute opens which also tightens your gear around you. It doesn't hurt. The harness is adjusted to you before your jump and tightened so that there's no real shock from it pulling when the parachute opens. Grab your belt and pull your pants up. It's about like that.You suddenly are in standing and then sitting position carrying your weight. The scene becomes awesome when the parachute goes around the Dubai skyline. I felt a bit fearful when the partner was loosening the harness, i felt like the harness would but cut loose and i may go down.

Flying, Diving and on parachute all experience are  highly recommended and i wish to do it again, i  had a perfect landing as the photo shows below, cleberating my triumph 

I have uploaded complete video on youtube and the link is below, enjoy and comment too

Monday, October 2, 2017

E-tender Landmark case judgment in Shapoorji Pallonji Co Vs State, Mhada, NIC & Ors

Final Judgement for Download

E-tender case of BDD Chawl Development project of MAHADA
Verified button pressing not registered on the software, but the tender files submitted on the server. Hon. Bombay HC asks NIC to team with MAHADA to submit the uploaded files and consider Shapoorji Pallonji Co. Pvt. Ltd as valid bidder.

This was the best landmark judgement where i (Prashant Mali) was acting as Expert Legal Counsel in e-tender matter along with Iqbal Chagla & Ravi Kadam (famous Sr. Advocates). My Legal opinion delivered earlier played a crucial role in defending the matter.
For this was one of the historical case in my carrier and also is a landmark case in e-tender and Information technology domain.

Shapoorji Pallonji & Company Pvt. Ltd. Vs State of Maharashtra, Mhada, NIC & Ors

A interesting Judgement in e-tender & technology Case of Bombay High Court
11000 Crores India Biggest Redevelopment Project of BDD Chawls in Mumbai

The bid document was to be down loaded from the e­tender website from 3rd April, 2017 to 17th May, 2017 and the bidders were advised to refer to bidders' manual kit available at for details about e­tender process to be followed. The last date of the submission of the OnLine bid was scheduled as 17th May, 2017 which was extended from time to time and lastly it was fixed as 27th July, 2017 at 13.00 hours IST. NIC was entrusted with the duty of officially hosting, designing and developing websites and servers for various governmental agencies as an expert body and hosts on its server, this particular tender for BDD Chawls was hosted for MHADA.
Shapoorji Pallonji Pvt. Ltd raised certain pre­bid queries and uploaded its technical and financial bid on 27th July, 2017 at about 12.16 hrs on e­procurement system . 

The Contention

In this case, the Shapoorji Pallonji Pvt. Ltd my client has uploaded the technical and financial documents before the bid submission end date and time. However, it was alleged that they have not clicked on the freeze button. Unless or otherwise the freeze button is clicked, the document will not be available to the tender inviting authority i.e MHADA and will remain in the area allocated for the bidder in the servers of NIC.
What was the solution:
So in Public Interest NIC was needed retrieve the encrypted bid files uploaded to their servers by my client and submit the uploaded files to MHADA for decryption and consideration for bidding .
Court held that that technology has its own glitches and the moot question is whether such glitches, which causes substantial injustice are permitted to be cured manually. Court said when as on today we have not reached a stage where the systems is full proof and gives a guarantee that it is not susceptible to any error.The impact of technology in our life today, is unimaginable. We use technology every day and it has saved us of time and efforts. Introduction of the e­-tendering system has made the cumbersome process of tenders simple, faster and also free from unnecessary human intervention. However, in a situation with which we have dealt with above, the question is whether the use of the technology has offered solutions or it has created issues. The increased dependency on modern technology has reduced our creativity and human being is dependent upon the said technology which undisputedly is an useful servant but a dangerous master. In words of Albert Einstein “human spirit must prevail over technology”. 
In the present case in hand court observes that uncertainty prevails in certain areas and no technology can make the system 'full proof' and as such a situation where the technology can err, we cannot completely exclude the element of human intervention in exceptional circumstances. Ultimately, it is the human being who controls the technology and when it errs, it is for the human being to rectify it. No solution is coming from the expert and the technology operator­ NIC as to what happens if the “freeze button is not clicked”. 
On the other hand, the NIC itself shows that once the bids are uploaded, they remain safe and saved and human intervention is not possible. Court felt it expedient to intervene in the technological procedure since we feel that the technology has failed to serve its intended purpose in the present case and interest of justice call for intervention. Every citizen has legal and fundamental rights which are required to be protected and in a digital world the said rights cannot be lost sight of but the same are to be protected by providing alternative and effective solutions, to be introduced into the modern technology/web­system and in the process of tender it is very much necessary to ensure that the bidders are not shunted out of the procedure only on account of any technical glitch and technology needs to be developed in a manner to cater to their needs without causing any delay in the scheduled time. We also makes it clear that we are inclined to grant relief to the petitioners, considering 'public interest and the fact that the bid of petitioners (technical/financial) are already sealed after their uploading and no changes are possible now, and we treat this as sealed packets submitted within date and time as per tender document.

Court issued directions to the NIC to access the files containing the bid documents of the petitioners and transfer and/or make it available to respondent no.2 MHADA which would decrypt the said files and consider the bid documents of the petitioners as a “valid bid” with the assistance of the NIC and open the technical bid of the Shapoorji Pallonji Co. Pvt Ltd..

Final Judgement for Download

Navy man in Jail for 2 years for Child Pornography, cyber crime in India

Navy man gets 2 years Jail for Child Pornography, cyber crime in India : Cyber crime conviction By Prashant Mali In the case of D...