#FactCheck - The video of Virat Kohli promoting online casino mobile app is a deep fake.

Introduction

In India, the rights of children with regard to protection of their personal data are enshrined under the Digital Personal Data Protection Act, 2023 which is the newly enacted digital personal data protection law of India. The DPDP Act requires that for the processing of children's personal data, verifiable consent of parents or legal guardians is a necessary requirement. If the consent of parents or legal guardians is not obtained then it constitutes a violation under the DPDP Act. Under section 2(f) of the DPDP act, a “child” means an individual who has not completed the age of eighteen years. 

Section 9 under the DPDP Act, 2023

With reference to the collection of children's data section 9 of the DPDP Act, 2023 provides that for children below 18 years of age, consent from Parents/Legal Guardians is required. The Data Fiduciary shall, before processing any personal data of a child or a person with a disability who has a lawful guardian, obtain verifiable consent from the parent or the lawful guardian. Section 9 aims to create a safer online environment for children by limiting the exploitation of their data for commercial purposes or otherwise. By virtue of this section, the parents and guardians will have more control over their children's data and privacy and they are empowered to make choices as to how they manage their children's online activities and the permissions they grant to various online services. 

Section 9 sub-section (3) specifies that a Data Fiduciary shall not undertake tracking or behavioural monitoring of children or targeted advertising directed at children. However, section 9 sub-section (5) further provides room for exemption from this prohibition by empowering the Central Government which may notify exemption to specific data fiduciaries or data processors from the behavioural tracking or target advertising prohibition under the future DPDP Rules which are yet to be announced or released. 

Impact on social media platforms

Social media companies are raising concerns about Section 9 of the DPDP Act and upcoming Rules for the DPDP Act. Section 9 prohibits behavioural tracking or targeted advertising directed at children on digital platforms. By prohibiting intermediaries from tracking a ‘child's internet activities’ and ‘targeted advertising’ - this law aims to preserve children's privacy. However, social media corporations contended that this limitation adversely affects the efficacy of safety measures intended to safeguard young users, highlighting the necessity of monitoring specific user signals, including from minors, to guarantee the efficacy of safety measures designed for them.

Social media companies assert that tracking teenagers' behaviour is essential for safeguarding them from predators and harmful interactions. They believe that a complete ban on behavioural tracking is counterproductive to the government's objectives of protecting children. The scope to grant exemption leaves the door open for further advocacy on this issue. Hence it necessitates coordination with the concerned ministry and relevant stakeholders to find a balanced approach that maintains both privacy and safety for young users.

Furthermore, the impact on social media platforms also extends to the user experience and the operational costs required to implement the functioning of the changes created by regulations. This also involves significant changes to their algorithms and data-handling processes. Implementing robust age verification systems to identify young users and protect their data will also be a technically challenging step for the various scales of platforms. Ensuring that children’s data is not used for targeted advertising or behavioural monitoring also requires sophisticated data management systems. The blanket ban on targeted advertising and behavioural tracking may also affect the personalisation of content for young users, which may reduce their engagement with the platform.

For globally operating platforms, aligning their practices with the DPDP Act in India while also complying with data protection laws in other countries (such as GDPR in Europe or COPPA in the US) can be complex and resource-intensive. Platforms might choose to implement uniform global policies for simplicity, which could impact their operations in regions not governed by similar laws. On the same page, competitive dynamics such as market shifts where smaller or niche platforms that cater specifically to children and comply with these regulations may gain a competitive edge. There may be a drive towards developing new, compliant ways of monetizing user interactions that do not rely on behavioural tracking.

CyberPeace Policy Recommendations

A balanced strategy should be taken into account which gives weightage to the contentions of social media companies as well as to the protection of children's personal information. Instead of a blanket ban, platforms can be obliged to follow and encourage openness in advertising practices, ensuring that children are not exposed to any misleading or manipulative marketing techniques. Self-regulation techniques can be implemented to support ethical behaviour, responsibility, and the safety of young users’ online personal information through the platform’s practices. Additionally, verifiable consent should be examined and put forward in a manner which is practical and the platforms have a say in designing the said verification. Ultimately, this should be dealt with in a manner that behavioural tracking and targeted advertising are not affecting the children's well-being, safety and data protection in any way. 

Final Words

Under section 9 of the DPDP Act, the prohibition of behavioural tracking and targeted advertising in case of processing children's personal data - will compel social media platforms to overhaul their data collection and advertising practices, ensuring compliance with stricter privacy regulations. The legislative intent behind this provision is to enhance and strengthen the protection of children's digital personal data security and privacy. As children are particularly vulnerable to digital threats due to their still-evolving maturity and cognitive capacities, the protection of their privacy stands as a priority. The innocence of children is a major cause for concern when it comes to digital access because children simply do not possess the discernment and caution required to be able to navigate the Internet safely. Furthermore, a balanced approach needs to be adopted which maintains both ‘privacy’ and ‘safety’ for young users.

References

• https://www.meity.gov.in/writereaddata/files/Digital%20Personal%20Data%20Protection%20Act%202023.pdf 
• https://www.firstpost.com/tech/as-govt-of-india-starts-preparing-rules-for-dpdp-act-social-media-platforms-worried-13789134.html#google_vignette
• https://www.business-standard.com/industry/news/social-media-platforms-worry-new-data-law-could-affect-child-safety-ads-124070400673_1.html

‍

Executive Summary:

A viral claim circulating on social media suggests that the Indian government is offering a 50% subsidy on tractor purchases under the so-called "Kisan Tractor Yojana." However, our research reveals that the website promoting this scheme, allegedly under the Ministry of Agriculture and Farmers Welfare, is misleading. This report aims to inform readers about the deceptive nature of this claim and emphasize the importance of safeguarding personal information against fraudulent schemes.

‍

‍

Claim:

A website has been circulating misleading information, claiming that the Indian government is offering a 50% subsidy on tractor purchases under the so-called "Kisan Tractor Yojana." Additionally, a YouTube video promoting this scheme suggests that individuals can apply by submitting certain documents and paying a small, supposedly refundable application fee. 

‍

‍

Fact Check: 

‍

Our research has confirmed that there is no scheme by the Government of India named 'PM Kisan Tractor Yojana.' The circulating announcement is false and appears to be an attempt to defraud farmers through fraudulent means.

While the government does provide various agricultural subsidies under recognized schemes such as the PM Kisan Samman Nidhi and the Sub-Mission on Agricultural Mechanization (SMAM), no such initiative under the name 'PM Kisan Tractor Yojana' exists. This misleading claim is, therefore, a phishing attempt aimed at deceiving farmers and unlawfully collecting their personal or financial information.

Farmers and stakeholders are advised to rely only on official government sources for scheme-related information and to exercise caution against such deceptive practices.

To assess the authenticity of the “PM Kisan Tractor Yojana” claim, we reviewed the websites farmertractoryojana.in and tractoryojana.in. Our analysis revealed several inconsistencies, indicating that these websites are fraudulent.

As part of our verification process, we evaluated tractoryojana.in using Scam Detector to determine its trustworthiness. The results showed a low trust score, raising concerns about its legitimacy. Similarly, we conducted the same check for farmertractoryojana.in, which also appeared untrustworthy and risky. The detailed results of these assessments are attached below.

Given that these websites falsely present themselves as government-backed initiatives, our findings strongly suggest that they are part of a fraudulent scheme designed to mislead and exploit individuals seeking genuine agricultural subsidies.

‍

‍

During our research, we examined the "How it Works" section of the website, which outlines the application process for the alleged “PM Kisan Tractor Yojana.” Notably, applicants are required to pay a refundable application fee to proceed with their registration. It is important to emphasize that no legitimate government subsidy program requires applicants to pay a refundable application fee.

‍

‍

Our research found that the address listed on the website, “69A, Hanuman Road, Vile Parle East, Mumbai 400057,” is not associated with any government office or agricultural subsidy program. This further confirms the website’s fraudulent nature. Farmers should verify subsidy programs through official government sources to avoid scams.

‍

‍

A key inconsistency is the absence of a verified social media presence. Most legitimate government programs maintain official social media accounts for updates and communication. However, these websites fail to provide any such official handles, further casting doubt on their authenticity.

‍

‍

Upon attempting to log in, both websites redirect to the same page, suggesting they may be operated by the same entity or individual. This further raises concerns about their legitimacy and reinforces the likelihood of fraudulent activity.

‍

‍

Conclusion:

Our research confirms that the "PM Kisan Tractor Yojana" claim is fraudulent. No such government scheme exists, and the websites promoting it exhibit multiple red flags, including low trust scores, a misleading application process requiring a refundable fee, a false address, and the absence of an official social media presence. Additionally, both websites redirect to the same page, suggesting they are operated by the same entity. Farmers are advised to rely on official government sources to avoid falling victim to such scams.

• Claim: PM-Kisan Tractor Yojana Government Offering Subsidy on tractors.
• Claimed On: Social Media
• Fact Check:  False and Misleading 

‍

‍

Introduction

Search Engine Optimisation (SEO) is a process through which one can improve website visibility on search engine platforms like Google, Microsoft Bing, etc. There is an implicit understanding that SEO suggestions or the links that are generated on top are the more popular information sources and, hence, are deemed to be more trustworthy. This trust, however, is being misused by threat actors through a process called SEO poisoning.

SEO poisoning is a method used by threat actors to attack and obtain information about the user by using manipulative methods that position their desired link, web page, etc to appear at the top of the search engine algorithm. The end goal is to lure the user into clicking and downloading their malware, presented in the garb of legitimate marketing or even as a valid result for Google search.

An active example of attempts at SEO poisoning has been discussed in a report by the Hindustan Times on 11th November, 2024. It highlights that using certain keywords could make a user more susceptible to hacking. Hackers are now targeting people who enter specific words or specific combinations in search engines. According to the report, users who looked up and clicked on links at the top related to the search query “Are Bengal cats legal in Australia?” had details regarding their personal information posted online soon after.

SEO Poisoning - Modus Operandi Of Attack

There are certain tactics that are used by the attackers on SEO poisoning, these are:

• Keyword stuffing- This method involves overloading a webpage with irrelevant words, which helps the false website appear higher in ranking.
• Typosquatting- This method involves creating domain names or links similar to the more popular and trusted websites. A lack of scrutiny before clicking would lead the user to download malware, from what they thought was a legitimate site.
• Cloaking- This method operates by showing different content to both the search engines and the user. While the search engine sees what it assumes to be a legitimate website, the user is exposed to harmful content.
• Private Link Networks- Threat actors create a group of unrelated websites in order to increase the number of referral links, which enables them to rank higher on search engine platforms.
• Article Spinning- This method involves imitating content from other pre-existing, legitimate websites, while making a few minor changes, giving the impression to search engine crawlers of it being original content.
• Sneaky Redirect- This method redirects the users to malicious websites (without their knowledge) instead of the ones the user had intended to click.

CyberPeace Recommendations

• Employee Security Awareness Training: Security awareness training can help employees familiarise themselves with tactics of SEO poisoning, encouraging them to either spot such inconsistencies early on or even alert the security team at the earliest. 
• Tool usage: Companies can use Digital Risk Monitoring tools to catch instances of typosquatting. Endpoint Detection and Response (EDR) tools also help keep an eye on client history and assess user activities during security breaches to figure out the source of the affected file.
• Internal Security Measures: To refer to lists of Indicators of Compromise (IOC). IOC has URL lists that show evidence of the strange behaviour of websites, and this can be used to practice caution. Deploying Web Application Firewalls (WAFs) to mitigate and detect malicious traffic is helpful.

Conclusion

The nature of SEO poisoning is such that it inherently promotes the spread of misinformation, and facilitates cyberattacks. Misinformation regarding the legitimacy of the links and the content they display, in order to lure users into clicking on them, puts personal information under threat. As people trust their favoured search engines, and there is a lack of awareness of such tactics in use, one must exercise caution while clicking on links that seem to be popular, despite them being hosted by trusted search engines.

References

• https://www.checkpoint.com/cyber-hub/cyber-security/what-is-cyber-attack/what-is-seo-poisoning/
• https://www.vectra.ai/topics/seo-poisoning
• https://www.techtarget.com/whatis/definition/search-poisoning
• https://www.blackberry.com/us/en/solutions/endpoint-security/ransomware-protection/seo-poisoning
• https://www.coalitioninc.com/blog/seo-poisoning-attacks
• https://www.sciencedirect.com/science/article/abs/pii/S0160791X24000186
• https://www.repindia.com/blog/secure-your-organisation-from-seo-poisoning-and-malvertising-threats/ 
• https://www.hindustantimes.com/technology/typing-these-6-words-on-google-could-make-you-a-target-for-hackers-101731286153415.html

‍